Category: Aviation

Philip Baum considers the impact of the ongoing conflict in Israel and Gaza on the aviation industry and identifies potential challenges for those responsible for ensuring security at airports and in the skies.

More than two months have passed since the horrific terrorist attacks perpetrated by Hamas fighters against Israel on October 7, 2023, and, save for a week’s pause in hostilities, on a daily basis ever since, we have borne witness to the subsequent exacerbation of the humanitarian tragedy which has befallen the residents of the Gaza Strip as a result of Israel’s mission to free the 240 hostages seized that fateful day and, simultaneously, attempt to destroy Hamas completely.

It was an intentionally long opening sentence to this article, but it is one which has probably already riled some readers who struggle to brand Hamas a terrorist organization or, on the flip side, have little empathy for the Palestinians killed or forever scarred by the brutality of war. There may be even a few (precious few, I hope) conspiracy theorists out there, as there were post-9/11, who even question whether the October 7 attacks even happened.

And therein lies one of the challenges facing the aviation community — amongst many other global industries — as we bring together people with divergent viewpoints on a highly emotive conflict. Like LinkedIn — pre-October attempting to remain a professional networking site yet now rife with hate speech on all sides — we have to consider what the Israel/Gaza (or Israel/Palestine) war means for the passengers we fly, the routes we operate, the staff we employ and the cargo we transport. This is a conflict that can, and already has, impact the good order and discipline on board aircraft … and worse.

The aviation industry, alike other transportation modes, faces a number of distinct challenges. At the disruptive, yet legal, incident end of the scale, we are witnessing airport-based protests — by both pro-Palestinian and pro-Israeli groups — who are concerned about the way in which the industry directly or indirectly facilitates the movement of weapons. Airports have, after all, increasingly become the stages for political expression regarding topics as diverse as the climate crisis, human trafficking, asylum-related issues, labor pay and governmental corruption. In the middle of the scale, we have aggressive behaviour taking place in our terminals or within aircraft cabins where those with different perspectives are clashing with each other and where we are witnessing blatant Islamophobia and antisemitism. Further along our continuum, there are specific acts of violence, as occurred in Dagestan (more later), where people and facilities are targeted by mobs; such actions have the potential to cause serious injury or even death. Finally, we cannot ignore the potential for the anger, senses of injustice, hopelessness and frustration experienced by many (I have to reiterate, on all sides) to lead to the very worst kind of acts of unlawful interference with civil aviation we traditionally exert our energies on preventing.

Addressing the topic, it’s nigh on impossible to avoid being political, so let me tackle the elephant in the room head-on — my own viewpoint. I’m not going to take you on a potted history of the conflict; you can find that elsewhere and, if we’re honest, most people will, as with the news channels they elect to view, read the history as related by those they empathize with the most. In an era of soundbite communication fueled by the anonymity afforded us by social media platforms, opinions are aplenty and the truth is hard to find. The reality is that we face a challenge of two peoples with legitimate concerns about their security and, indeed, very existence. Even if you don’t believe that one side’s claims are legitimate, the people on the ground are a reality. Israel does exist as an independent state and the Palestinians should, likewise, have a homeland. Bottom line, I still passionately believe in the two-state solution, even if that may incur the wrath of those towards the right of the Israeli, or even western, political spectrum, or the condemnation of those who cannot bring themselves to acknowledge Israel’s right to continued existence at all.

Responsibility and Rhetoric

All of us operating within the industry need to ensure that we are on the side of good order and discipline regardless as to our own viewpoints. It’s a challenge. The media certainly haven’t got it right and are blatantly causing upset to people on both sides with the imagery they show and the rhetoric they use. Sometimes we might not even appreciate the sense of injustice words or focus can cause. For example, those supporting the Israeli narrative condemn the BBC for failing to brand Hamas a terrorist organization — even though the British government regards it as such — and are frustrated that all coverage of the humanitarian disaster in Gaza on Al Jazeera is captioned “Gaza Genocide”; the words “terrorist” and “genocide” are politically charged, rarely devoid of bias and are clearly debatable. Both sides seize the opportunity to inject the word “Nazi” into their description of their opponents, exactly as is the case in the war between Russia and Ukraine. Those empathizing more with the Palestinian side express disgust with the extent of the media’s coverage of the trauma the Israeli families of the 240 hostages are going through, and consider their pain completely disproportionate to that endured by an entire displaced population wondering whether they will live to see the next day as the Israeli bombardment continues. We need to be sensitive to the perspectives of those we serve and we need to police the operation to ensure that our customers and service providers do likewise. The advantages are twofold — the prevention of conflict on board aircraft and the potential identification of insiders working amongst us who may be expressing sentiments which should be sounding the alarm bells.

For years, those of us who have taught aviation security have referred to the actions of the Palestinian groups of the 1960s to 1980s as terrorist attacks. I recall, when interviewing Leila Khaled in Jordan regarding her active participation in two hijackings (TWA, 1969, and El Al, 1970), that her only precondition for our meeting was that any report I wrote would not brand her a terrorist. I let people form their own opinion. Interestingly, that’s the BBC stance today regarding Hamas.

In order to avoid workplace conflict, we need to exercise caution in, and recognize the dangers of, convoluting words and terminology. Muslims are not the same as Arabs, Palestinians are not the same as Hamas, and Israelis are not the same as Jews. Any glance at social media, sadly including professional networks, will demonstrate that we’ve a long way to go. A failure to do so in this context directly feeds Islamophobia and antisemitism which is particularly worrisome for those operating in cosmopolitan environments.

I write as a Londoner. Whilst most British people are rightly upset by the images they see of Gaza on their TV screens, there are those who struggle with the de-Christianizing and de-whitening of their society and worry about the implications of mass immigration from predominantly Muslim nations. That latent racism amongst a small but significant minority was, I believe, one of the reasons why the nation, by the slenderest of majorities, voted for Brexit (exiting the European Union).

In the meantime, the U.K.’s Jewish community is also experiencing hate at unprecedented levels. The Community Security Trust (CST) reported on December 6 that in the 61 days since October 7 they had, “recorded at least 1890 antisemitic incidents across the U.K. This is the highest ever total reported to CST across a sixty-one-day period.” For comparison, “CST recorded 301 antisemitic incidents over the same 61 days in 2022. This means that we have seen an increase in anti-Jewish hate acts of 528% this year compared to the same period last year.” The U.S.A. is no different with the Anti-Defamation League announcing — also on 6 December 6 — that it had recorded a 337% increase in incidents over the same period in 2022. The relevance — our aircraft are a microcosm of society and increases of hate crimes on the ground, whoever they are directed at, can result in an increase in unruly incidents in the air.

In terms of this conflict, there appears to be a readiness to tarnish all with the same brush. By no means do all Muslims support Hamas and nor do all Israelis support Israeli government action; just like not all Americans support either Trump or Biden and not all British people wanted to leave the European Union. Many are aghast at what their governments stand for. Our security briefings need to weed out any inherent generalizations we carelessly may include.

Failure of Leadership

Whilst the Israeli/Palestinian conflict is long-standing and October 7 was clearly not the beginning, the events of that day were a game-changer and there are many lessons to be learned. Let’s start with the fact that it was a security failure of unimaginable magnitude.

I hope that we will eventually learn the details of the intelligence purportedly shared with Israel prior to the attack and why it wasn’t treated with the degree of seriousness it warranted. Israel has long been regarded as having the gold standard of security both operationally and in respect of its processing of intelligence; this image was shattered. The scale of the snafu was one thing, but the simplicity of the attack should also serve as a lesson to us all.

We ensure the security of our airports through the deployment of checkpoints and fences; these offer little protection if they are attacked by large groups of armed individuals. And this was demonstrated at Makhachkala Airport in the Russian republic of Dagestan on October 29 this year.

Sickening scenes of hundreds of pro-Palestinian, antisemitic protestors storming the airport rapidly went viral on social media. Their target was a Red Wings aircraft arriving from Israel — or rather the passengers on board. This was no peaceful protest — the mob, carrying Palestinian flags and shouting “Allahu Akbar” broke through doors in the terminal and stormed onto the tarmac. One has to question whether any airport is staffed and equipped to repel such as action, yet every security manager should be re-examining their contingency plans for managing such an incident. Many will have already rehearsed scenarios to counter the threat posed by environmental groups, such as Extinction Rebellion, aiming to paralyze an airport’s ability to operate.

Protests

The right to peaceful protest may be one we are keen to preserve, although I have long been concerned that permitting such action at airports can distract the security services from their primary responsibility of ensuring that aircraft and their users are able to operate safely and securely.

Pro-Palestinian groups have already carried out a number of protests at European airports.

On November 14, Schiphol Airport in Amsterdam became the target of a group protesting the Dutch government’s role in supplying arms to Israel. They were chanting, “From the river to the sea, Palestine will be free,” which takes us back to the issue of rhetoric.

In our soundbite world, where issues — often laudable ones — become trendy, we must exercise even greater caution. I’ve already stated that I yearn for an indepe≠≠≠ndent Palestinian state, so I do believe in a “free Palestine”. But the Free Palestine movement’s catchphrase “From the river to the sea” does seemingly negate Israel’s right to exist and implies conquering the entire Holy Land. Is an airport really the right place for such aspirations to be uttered?

Meanwhile, in Dublin, activists occupied the European Commission offices in the city to both protest military arms being flown to Israel via Shannon Airport (in the west of Ireland) and against Ursula von der Leyen’s (president of the European Commission) solidarity visit to Israel.

It was a pro-Israeli group of demonstrators who decided to make their voices heard at Miami International Airport on December 3. They were protesting Qatar Airways being able to operate to the USA given the relationship between the Qatari government and Hamas.

Freedom of Dress

Expressions of political affiliation in the air have the potential to be more serious than those on the ground, where law enforcement is available to police an organized event and respond to excesses should they occur.

In the U.S., there were a number of inflight outbursts between Republicans and Democrats both in the aftermath of Donald Trump’s election as President and, in January 2021, pursuant to the Capitol Hill riots. Some of these were instigated by the clothes people wore – the “Make America Great Again” cap being a particular trigger for some, simple badges identifying voting allegiance for others. Likewise in the U.K. during the Brexit campaign.

On November 28 this year an American Airlines flight was operating a domestic route from New York JFK to Phoenix when a flight attendant noticed a passenger wearing a sweatshirt emblazoned with the word “Palestine.” The man was asked to remove the sweatshirt and wear it inside-out in order to minimize the potential for either offense to be caused to other passengers or, for some, paranoia to set in. There was no argument on board, rather an upset individual feeling silenced by the crew, albeit his humiliating experience has since been championed by the American-Arab Anti-Discrimination Committee.

These are very real challenges. After all, if wearing a Palestinian shirt or emblem is unacceptable, then presumably so should wearing an Israeli flag on one’s clothing? But if that is the case, there are a whole list of countries whose flags could anger others on board. Should Russians and Ukrainians be allowed to? And a Kurdish passenger may well be upset by somebody donning clothing with the Turkish flag. One could almost say that no flags or emblems should be tolerated as someone might be upset!

Coincidentally, I was travelling on a train in Bangkok a week ago when I was appalled to see probably the single most offensive T-shirt I have ever witnessed. I can’t write here the actual wording, but it used the most derogatory word in the English language to describe Jesus. I certainly hope that no aircrew would ever permit that shirt to be worn on an aircraft.

Other Conflicts

The plight of the Palestinian people should not be under-estimated, but it is strange how the eyes of the world are fixated on this conflict in particular. For sure, the imagery emanating from Gaza is agonizing to watch and we are simply not seeing anything like that scale of destruction anywhere else. But that doesn’t mean that death tolls elsewhere are not staggering to comprehend.

People are not taking to the streets of capital cities to campaign for the rights of other oppressed groups. I mentioned the Kurds earlier. Despite the thousands killed in their conflict with Turkey and ongoing air strikes (240 Kurdish locations reportedly hit by Turkey in 2022), the streets of European cities remain free from mass protest.

In March this year, the Syrian Network for Human Rights (SNHR) announced that it has documented, “the deaths of 230,224 Syrian civilians, including 15,272 who died due to torture, in addition to the arbitrary arrest/enforced disappearance of 154,817 others, while roughly 14 million citizens have been displaced.” Last year, the Middle East Monitor reported that the Syrian regime of Bashar al-Assad and its allies had been responsible for around 91% of deaths since the start of the conflict. Concern expressed by a few, but no flag waving.

There have been relatively few — and are currently a declining number of — pro-Ukrainian demonstrations condemning Russian military action. Nor for the Rohingyas of Myanmar. According to the United Nations, “860,000 Rohingya refugees are living in settlements across Bangladesh’s Cox’s Bazar district. Most of them, some 740,000, fled from Myanmar during the most recent displacement crisis in 2017. Other countries in the region host some 150,000 Rohingya refugees.” Darfur was topical for a while and, despite an August 2023 United Nations report accusing China of committing abuses that might be considered crimes against humanity against Uyghurs and other Turkic communities in the Xinjiang region, it remains just that — a report.

The Democratic Republic of Congo is host to one of the most significant ongoing catastrophes, yet it receives next to no airplay. The United Nations highlights that, “More than 6.2 million people are displaced within the country and more than one million Congolese have sought asylum, mostly within Africa. At the same time, the DRC hosts more than half a million refugees from neighboring countries.” And since this October, hostilities have increased and the plight of the population has worsened.

Yemen has, according to UN figures, 21.6 million people requiring some form of humanitarian assistance as a result of eight years of conflict in which the Houthis are trying to take control of the entire country. But the world observes in silence. The Houthis, being supporters of Hamas, launched a Qader missile strike on the Israeli port of Eilat on October 31 this year; it was destroyed by Israel’s Arrow missile-defense system. The incident is described by many as the first shoot-down of a ballistic missile outside of Earth’s atmosphere and is, therefore, the first recorded combat ever to take place in space. Most of the threat posed by the Houthis has been directed at maritime interests and, on December 12, they hit — but did not destroy — a Norwegian vessel they claimed was heading towards Israel.

The arguably excessive focus on Israel and Gaza is partially down to the access to social media, and presence of journalists (at great personal risk) in Gaza when compared to the other conflicts listed (except Ukraine). Ships at sea can be targeted but stories of executions, beheadings, and rapes at a music festival, and in the surrounding communities, or the plight of Palestinian women and children dying in their thousands have greater media appeal. But perhaps the West perceives the lack of peace between Israel and the Palestinians as a threat to their own societies … or, perhaps to be more accurate, illustrative of the potential threat to their own societies?

The examples listed, I should stress, are not designed to detract from the humanitarian disaster in Gaza, rather they are directed at a security industry audience who have to react to the unsung conflicts of the globe as well.

Profiling

I have been an ardent supporter and promoter of profiling, but completely reject racial profiling. There is little doubt that the xenophobia that exists within the security services of many states can extrapolate into discriminatory action. No community has experienced this more than those who follow the Muslim faith. For that reason, in training, I try, wherever possible, to use examples of attacks perpetrated by a broad range of adversaries; the attempt is to avoid stereotyping the threat.

Then again, no faith has been a greater victim of Islamist actions than Muslims themselves.

Muslim nations are equally concerned about the actions of groups such as Hamas and so are many religious councils. Indeed, in March this year the Islamic Fatwa Council issued a fatwa decreeing that “Hamas bears responsibility for its own reign of corruption and terror against Palestinian citizens within Gaza” and that it was prohibiting people “to pray for, join, support, finance, or fight on behalf of Hamas — an entity that adheres to the ideology of the Muslim Brotherhood movement”. And, in respect of the Muslim Brotherhood, they define their ideology as being, “The Islamist, violent, terroristic belief system and charter that advocates for the establishment of a global Islamist caliphate by all means necessary.” They even issued a charge sheet that many would have expected to be drafted by the Israeli government rather than an Islamic court.

Again, it all boils down to not tarnishing people with the same brush. The problem is not Islam per se, rather the extremist elements.

And they exist in Israel too. For the past year Israeli society has been divided by the election of a government that, as a result of coalition-building, includes some extremist characters that the majority of Israelis struggle to accept as being suitable to serve in Benjamin Netanyahu’s cabinet. The country has been tearing itself apart as large numbers of civilians have been protesting reforms to the judiciary.

Many believe that the internal divisions within Israeli society were one reason why the October 7 attacks were “successful” — the government had its eyes on internal challenges, including the protection of illegal settlements in the West Bank. These outposts are often “home” to religious vigilantes who believe that they have a biblical claim to the territory in which they reside. The more extremist members of this community are associated with the ‘Price-Tag’ movement whose guerilla attacks on local Arab villages deserve condemnation, yet the more extreme elements of Netanyahu’s government not only support them but openly encourage them to bear arms, officially in order to protect themselves.

Worst-Case Scenarios

From an aviation security perspective, the possibility of an aircraft hijacking perpetrated by suicidal terrorists, a marauding firearms attack at an airport, the bombing of an aircraft or the shooting down of an aircraft in flight cannot be ignored. Complacency is not an option, nor is a failure of imagination.

It’s easy to focus all our attention on conflict zones. Unsurprisingly, despite the success of the Iron Dome interception system, most overseas carriers suspended their operations to Israel within days of October 7; many have since resumed operations. According to the Israel Defense Force, by 5 December Hamas had fired 11,000 rockets towards Israel, 3,500 on the first day of the current period of hostilities.

On December 10, video footage emerged of an Arkia Airlines flight landing at Ben Gurion International Airport amid a barrage of missile attacks emanating from Gaza; some of the video was filmed by passengers on board. The airline has, throughout the conflict, continued to operate flights between Tel Aviv and Eilat.

Conclusion

Whatever your opinion is regarding the current conflict, and regardless as to whether you are advocating for a ceasefire, humanitarian pause or continued military action, the threat to aviation remains ever-present. The greatest threat is posed by Islamist groups, just as they have in the past, prepared to sacrifice the lives of the innocent and even themselves for their cause. Whilst we need to remain vigilant to all types of actions that can disrupt our operations, from unruly passengers through to suicidal terrorists, we now need to be extra alert to the insider threat. It is more than likely that there are some industry employees who, in light of the images they are witnessing and spurred on by the rhetoric and fake news of social media, could somehow justify actions that are incompatible with the goals of the aviation security industry — to ensure all passengers, all crews, all airports and all aircraft are safe from action that could have catastrophic results.

Philip Baum is visiting professor of aviation security at Coventry University, the managing director of Green Light Ltd., and the former editor of Aviation Security International. In 2021, he was presented with a Lifetime Achievement and Contribution to Aviation Security award by Emirates Group Security and Edith Cowan University. He is the chair of both Behavioral Analysis 2024 and DISPAX World 2024. He can be contacted at pbaum@avsec.com

The large-scale movement of Palestinians away from Israeli troops advancing into Gaza is just the latest of many mass evacuations to occur in human history. A case in point: According to the United Nations High Commissioner for Refugees (UNHCR), more than 6.2 million people have fled from the conflict in Ukraine (as of July 2023). Millions more have left their homes — sometimes en masse, other times based on individual initiative — due to conflicts in Syria, the Tigray region of Ethiopia, Myanmar, Afghanistan, and Yemen, among others.

In this article, Transport Security International will look at the security issues associated with mass evacuations in particular, drawing on documents from the Norwegian Refugee Council, the UNHCR, and the Australian Government’s Attorney-General’s Department. We will also tap into the real-life experience of Osprey Flight Solutions, which handles aviation risk management. Our goal is to give TSI readers a sense of the security issues associated with managing mass evacuations, given the increasing possibility that some of them may be faced with such a challenge sometime in the future.

What an Evacuation Is, and Why People Do It

According to the Evacuation Planning Handbook published by the Australian Attorney-General’s Department (part of its Australian Disaster Resilience handbook collection), “Evacuation is a risk management strategy that may be used to mitigate the effects of an emergency on a community. It involves the movement of people to a safer location and their return. For an evacuation to be effective it must be appropriately planned and implemented.”

The circumstances in which both individual and mass evacuations occur are central to what makes them so risky from a security standpoint. In both instances, people are only leaving because they see no other way to protect themselves and their families in their homes, due to the conflict, violence and chaos raging around them. It is this trifecta of danger from hostile players that makes these evacuations so dangerous, and security of paramount importance — assuming that it can be enforced at all.

“Evacuations are one of the most delicate operations in a crisis environment,” said the Norwegian Refugee Council (NRC) document, ‘Considerations for Planning Mass Evacuations of Civilians in Conflict Situations’. “While an evacuation can provide an immediate, lifesaving intervention in the face of an imminent threat, evacuations also carry substantial risks and the dilemmas they evoke can be significant. If humanitarians are faced with implementing an evacuation it means all other options have failed. Siege environments (where evacuations are most likely to be needed) are one of the most difficult operating contexts for humanitarian agencies and the process of evacuating can pose dangers for the affected population and humanitarians alike.”

Managing End-to-End Security Risks

For a security official tasked with protecting people in a mass evacuation, the dangers to be dealt with begin when the evacuation is being planned, and only end when the evacuees have arrived safely at a secure destination where they are being housed, fed, and properly protected.

If at all possible — and in war zones such an “if” can be difficult to achieve — the security official needs to identify areas of potential risk and take steps to deal with them before evacuation begins.

For a mass evacuation even to be feasible, there has to be a consensus among all of the parties involved in the conflict — including aid agencies — that such a movement of people can be executed safely and without interference. “If even one organization raises concerns about the rationale for the evacuation, partners should take this seriously and review (even if only quickly) the logic demanding the evacuation,” said the NRC document. “Critically, it is important to identify who is calling for the evacuation: is it the affected persons themselves? Humanitarians? The authority or state? [And] Are there potential alternative motivations driving them?”

This last reservation is worth heeding, because “some stakeholders may call for an evacuation (and even support it directly) in order to be seen to be doing something about a crisis” the NRC document warned. “This desire to be seen to do something can lead actors to call for an evacuation before the evacuees or humanitarians have even decided an evacuation is necessary.”

Assuming that a mass evacuation has been chosen as the preferred course of action, every step of the process needs to be mapped out to identify security risks. This includes everything from who is allowed to evacuate and how they will be screened to eliminate “bad actors”, to where the evacuees will assemble, how they will be transported (often in some form of vehicular “convoy”), what provisions will be made to feed and protect them en route (including medical support), where their final destination will be, and how they will be taken care of there and for how long.

Key Concerns To Plan For

The business of ensuring security during mass evacuations is an extremely complex and often dicey matter. This TSI article will not pretend to be able to authoritatively identify all of the threats a security official needs to watch out for — but we can highlight some key concerns to plan for.

Now, the task of identifying people to be evacuated and preparing them to leave is best left to professional humanitarian aid agencies. Where the security official needs to step up is in ensuring the safety of transportation to and from the staging sites, plus perimeter and access security. Of key concern is whether or not hostile players may take advantage of such a mass gathering to stage terror attacks designed to inflict maximum casualties — such as the August 26, 2021, suicide bombing near Kabul’s international airport that killed 183 people during the West’s retreat from Afghanistan. There is only so much that anyone can do to prevent/deter such attacks, but all possible security steps should be taken nevertheless.

Once the mass evacuees have been readied for transportation — often on buses and/or trucks — ensuring security along the convoy’s route is a top priority. Again, achieving this goal can be very difficult, particularly if the convoy is moving through territory held by those hostile to the evacuees. “Obtaining reliable guarantees from the parties to the conflict to permit safe evacuation of civilians across the frontlines is a challenge, particularly where the parties to the conflict are using civilians as pawns,” said the UNHCR document, ‘Humanitarian Evacuations’. “Even small-scale attempts to evacuate civilians sometimes require arduous negotiations before the warring parties allow the evacuees to leave.”

Even when mass evacuation negotiations have been successfully concluded, “Humanitarian actors should undertake contingency planning for eventual breaches of agreements on safe access and passage by parties to the conflict,” the UNHCR document advised. “Meticulous forward planning will be critical to minimize potential loss of life and any other risks to the civilian population and humanitarian staff.”

Meanwhile, no matter what ceasefires have been arranged to permit the convoy’s safe passage, security officials should assume that trouble will occur and prepare for it as best they can.

“Regardless of the preparations or negotiations that take place in advance of an evacuation, it is possible that the convoy may come under attack,” warned the NRC document. “There is little concrete advice that can be offered on how to manage such a situation, as it will vary significantly by context and by the nature of the attack. The best thing that can be said is to discuss how an attack will be managed prior to departing on the evacuation … Human rights monitors should ideally be present in all evacuations, but this is particularly true if humanitarians feel that there is a risk of part of the convoy being stopped, diverted or having individuals detained.”

Armed Escorts: Yes or No?

In theory, the risk of a mass evacuation convoy being attacked can be mitigated by it being accompanied by armed escorts. However, unless these escorts have enough firepower and depth to successfully deter/repel attacks along the entire route without provoking hostile players, relying on them may not be a good idea.

“In particularly dangerous environments, humanitarians may feel that there is a need for armed escorts to accompany an evacuation convoy,” the NRC document observed. “The use of armed escorts can carry significant risks however, and at times can actually increase the dangers to the convoy if the escorts are not perceived as neutral. [As such] Humanitarians should make every effort to negotiate safe passage so as to avoid having to use an escort and should only resort to an escort when all other alternatives have been ruled out.”

The Need for a Safe and Secure Refuge

So far, we have touched on the security concerns of assembling and moving people safely in mass evacuations. But these concerns do not disappear once the evacuees arrive at their destination unless that location is truly a safe, secure, and well-equipped refuge.

For this to happen, “An evacuation center should be a safe and secure place for meeting the basic needs of people away from the immediate or potential effects of an emergency,” said the Australian Attorney-General’s document. “While the arrangements across jurisdictions will vary, the primary function should be to address basic human needs and support requirements.”

These needs include essentials such as adequate food, water, shelter and medical care; adequate aid personnel to assist and secure the mass evacuees; and a location that — while accessible to mass evacuees — is at “a safe distance from hostilities, besieged or hostile areas as well as border areas.”

All of these elements should be part of consultations with persons of concern and negotiations with the host government and relevant non-state armed actors, who must remain the guarantors of the physical security of the evacuated populations.

Osprey’s Experience

Osprey Flight Solutions’ mission is to “enable systematic risk management,” said the company’s website. “On their own, data, technology and human analysts cannot deliver objective, consistent and dynamic risk management. But by bringing these essential components together — hundreds of thousands of reliable data sources, an industry-leading analysis team, and a proprietary software package to seamlessly fuse them together — we enable operators, governments and regulatory bodies to truly understand the broad spectrum of risks facing each and every flight and thus the global aviation network.”

In recent years, Osprey has provided risk management services to clients fleeing Afghanistan in 2021 and Sudan in 2023. These included detailed strategic analysis of the aviation situation under the names, “Afghanistan: Analysis of the post-war aviation operating environment” and “Sudan Conflict: Osprey’s analysis of the impacts on aviation.”

Even after the event, both documents make for compelling reading. Take Afghanistan in 2021: “The presence of armed conflict within Afghanistan coupled with heightened levels of crime, social unrest and aviation infrastructure deficits pose logistical constraints to civilian flight operations within the country,” wrote Matthew Borie, Osprey chief intelligence officer. “In addition, the threat of militancy posed to aviation within Afghanistan is highlighted by recent attacks against airports and aircraft inflight. Afghanistan does not meet International Civil Aviation Organization (ICAO) standards for safety, and the security posture at airports in the country varies considerably. Security personnel are unlikely trained to the highest international standards, and staff responsible for safeguarding airport operations likely face severe difficulties in handling significant aviation-related safety or security events.”

Then there’s Sudan in 2023, following the outbreak of armed conflict in April of that year. “Rerouting of civil aviation overflights away from both FIR Khartoum (HSSS) and FIR Juba (HJJJ) is likely to persist in the near team amid the ongoing armed conflict in Sudan between the RSF [paramilitary Rapid Support Forces] and Sudanese Army,” wrote Osprey Aviation security analyst Sean Patrick. “Operators should remain prepared for an ongoing loss of access to Sudanese and South Sudanese airspace for overflights of FIR Khartoum (HSSS) and FIR Juba (HJJJ) until a ceasefire is reached between the Sudanese Army and RSF, or until adequate ANS [air navigation service] provision can be re-established by the authorities in Sudan.”

Reflecting upon these and other volatile situations, Osprey Fight Solutions’ CEO Andrew Nicholson said, “The fact is that any evacuation, whether due to natural disaster or conflict, is extremely difficult and fraught with challenges, logistical and security … The level of confusion, stress, anger, fear and desperation that is felt by those on the ground puts huge pressure on evacuation routes to be less than perfect in their screening. At the end of the day — and having done this operationally, I know the feeling well — those coming in to actually effect the evacuation are desperate to get everyone out. The feeling of doing your bit to protect the citizens of your nation is almost overwhelming. This feeling is extremely difficult to suppress and can, if unchecked, lead to corner-cutting in order to get as many people out as quickly as possible.”

Three Conclusions

TSI’s research into mass evacuations, as explained by experts in this field, has led us to the following three conclusions:

First, due to the difficult circumstances they are typically conducted in, mass evacuations are inherently risky and insecure. As such, every contingency must be examined by security officials with respect to such operations, guided by the assumption that what can go wrong, will go wrong.

Second, security must be considered at every single stage of a mass evacuation. Every element — from identifying and assembling evacuees through transport and eventual arrival at the destination — entails risks due to hostile players.

Finally, although trust is necessary to broker mass evacuations, trust is frequently broken by players who perceive an advantage in deception and deceit. As such, security officials handling mass evacuations must be prepared to cope when this occurs, to keep evacuees as safe as possible when the proverbial hits the fan.

The air traffic control recording was chilling: “We’ve got the guy that tried to shut the engines down out of the cockpit…. I think he’s subdued,” radioed the pilot of Horizon Air flight 2059. The Embraer EMB-175 (see graphic 1) diverted to Portland, Oregon, instead of its intended destination of San Francisco. Once on the ground, law enforcement officials confirmed just how close a 44-year-old off-duty Alaska Airlines pilot — Joseph Emerson — came to bringing down a commercial aircraft with 83 souls on board this past October.

Emerson (see graphic 2) was commuting back home and was authorized to ride in the cockpit jump seat like any airline pilot — a common practice in the industry. He made casual conversation with the crew during the flight before suddenly throwing his headset across the cockpit, announcing “I am not OK,” and grabbing the two red T-shaped “fire handles” on the cockpit ceiling (see graphic 3) meant to shut down the engines in an emergency. To fully activate the system, the handle must be first pulled down, which cuts off fuel, electrical power, and hydraulics to the engine. Twisting the handle then releases halon gas inside the engine to smother a fire. One of the pilots quickly grabbed Emerson and reset the handles. The airline reported that residual fuel remained in the lines, and the quick reaction of the crew restored the fuel flow. The crew then subdued Emerson and got him out of the flight deck.

Just four days before this disturbing event, another pilot — Jonathan J. Dunn — was indicted and charged with interfering with a flight crew over an incident that occurred during a Delta Air Lines flight in August 2022. Dunn, who was the first officer, threatened to shoot the captain after a disagreement over diverting the flight to take care of a passenger with a medical issue. Dunn was authorized by the Transportation Security Administration (TSA) to carry a gun under a program created after the September 2001 terror attacks and designed to safeguard the cockpit from intruders. The Federal indictment stated that Dunn “did use a dangerous weapon in assaulting and intimidating the crewmember.” Dunn has since been fired, and his gun was taken away.

These incidents have renewed the debate about psychological screening of pilots, which initially began in 2015 when First Officer Andreas Lubitz (see graphic 4) locked the captain out of the cockpit of a Germanwings Airbus A320 before intentionally ramming it into the French Alps, killing all 150 people on board (see graphic 5). According to the final report, the copilot started to suffer from severe depression in 2008. In July 2009, and each year thereafter, his medical certificate continued to be renewed. About a month before the crash, a private physician recommended the copilot receive psychiatric hospital treatment due to a possible psychosis, but no aviation authority was informed.

The State of Play of Pilot Mental Health Assessments

The “insider threat” has always been a significant concern with regard to aviation security. The Federal Aviation Administration’s (FAA) regulations require airline pilots to undergo a medical exam by an Aviation Medical Examiner (AME) every six months. The AMEs are trained to determine the pilot’s mental health and fitness to fly. While this process provides a means to vet airline pilots, it relies largely on trusting pilots to volunteer information about their mental health.

Pilots are required to disclose during their medical exam any medications they take and whether they have depression, anxiety, drug, or alcohol dependence. They are also required to report any doctor visits during the previous three years and all medical history on their FAA medical application form. This form includes questions about mental health. Based on the answers on the form and the examination, an AME may ask further questions about mental health conditions or symptoms. The AME can request additional psychological testing, or defer the application to the FAA Office of Aerospace Medicine if he or she is concerned that further evaluation is necessary (see graphic 6).

In addition, commercial airlines often have their own mental health screenings and requirements, and they conduct background checks on prospective pilots. Many airlines – such as Alaska Airlines — have also established pilot peer programs to encourage pilots to talk to other pilots about their problems. Apparently, these efforts are not foolproof in preventing these types of incidents.

Previous Events and a Common Thread

Over the past decade, there have been at least seven airline events in which a flight crewmember was suspected of having intentionally crashed the aircraft, or attempted to do so (see graphic 7). Three of these events occurred in the U.S. or involved a U.S. air carrier. When looking further back three decades, these types of events were less frequent, but equally dramatic. Perhaps the most dramatic occurred in April 1994, when FedEx Flight 705 was hijacked by an off-duty jump seat rider. Facing possible dismissal for lying about his reported flight hours, FedEx pilot Auburn Calloway (see graphic 8) boarded a scheduled cargo flight as a deadheading pilot with a guitar case carrying hammers and a speargun. After a bloody battle with the flight crew, the airplane was able to land safely. Five years later, First Officer Gameel Al-Batouti (see graphic 9) intentionally crashed Egypt Air flight 990, a Boeing 767, into the Atlantic Ocean shortly after takeoff from New York’s John F. Kennedy Airport. All 217 people on board were killed.

Security expert Tom Anthony, a former FAA division manager for Civil Aviation Security who is now the director of the University of Southern California’s Aviation Safety and Security Program (see graphic 10), worked on the EgyptAir 990 case, and studied the FedEx flight 705 event. It was no surprise to him when he heard the testimony of family and friends about Joseph Emerson, the pilot involved in the recent Horizon Air flight 2059. The media reported that Emerson’s neighbors were “shocked” that he was involved in the incident, and that he is “a loving husband and father” to his two young sons. Emerson’s wife Sarah Stretch told reporters that her husband, “…never would’ve knowingly done any of that …That is not the man that I married.” She said she knew her husband was struggling with depression but was shocked over his arrest.

“The number one precondition is severe depression,” Anthony explained. He said that each one of us has three personas: (1) the “social self” that we share with the public, friends, and colleagues; (2) the “personal self” that we share only with our spouse or closest family and friends, and (3) our private “secret self,” which we share with no one. It’s that “secret self” that can be difficult to identify.

Anthony says that a probable factor in the rise of these events is the lack of social support. “The internet has had a huge impact … it has led to a lot more time in isolation.” In addition, he says “the internet allows people to indulge in their private side … kind of a “mal-private self.”

He explained that Callaway from the FedEx, Lubitz with Germanwings, and Al-Batouti all had previous incidents “that were ignored or not captured.” All displayed symptoms of depression such as insomnia, unwillingness to engage in normal conversations, and other common indicators.

“We have to acknowledge that mental conditions can be hazards … just another hazard that needs to be identified and mitigated,” he said. “We need to find better ways to “identify behaviors that point to hazards.”

Anthony also believes that the current shortage of airline pilots is another factor that is exacerbating the problem. Pilots that are being hired do not have as long resume with former companies in which background checks can be performed. Also, there has been a marked decrease in the number of pilots that have military backgrounds. There is “less opportunity to know them,” explained Anthony.

Mitigating the Risk of Suicide by Aircraft

The Germanwings tragedy highlighted the importance of monitoring airline pilot psychological health. As a result, the FAA chartered a Pilot Fitness Aviation Rulemaking Committee in 2015 to assess methods used to evaluate and monitor pilot mental health and to identify possible barriers to reporting concerns. The final report concluded that “the best strategy for minimizing the risks related to pilot mental fitness is to create an environment that encourages and is supportive of pilot voluntary self-disclosure.”

The report also noted, “Early identification of mental fitness issues leads to better results.” The committee offered recommendations including the use of pilot assistance programs and stated that when a culture of mutual trust is created, pilots are less likely to conceal conditions and more likely to seek help for mental health issues. This is similar to the work that the airline industry successfully performed in the 1990s to remove the stigma around alcoholism.

To its credit, the FAA responded to the committee’s recommendation on a number of fronts. During the last several years, the FAA has invested in more resources to eliminate the stigma around mental health in the aviation community so that pilots seek treatment. This includes: increased mental health training for medical examiners; support of industry-wide research and clinical studies on pilot mental health; hiring additional mental health professionals to expand in-house expertise and to decrease wait times for return-to-fly decisions; completed clinical research and amended policy to decrease the frequency of cognitive testing in pilots using antidepressant medications, and; increased outreach to pilot groups to educate them on the resources available

The FAA asserts that it is a misconception that if you report a mental health issue, you will never fly again. In fact, the FAA states that only about 0.1% of applicants for a medical certificate who disclose health issues are ultimately denied a medical, and then only after an exhaustive attempt to “get to yes.”

A New Push for Answers

In response to this issue, the National Transportation Safety Board (NTSB) hosted a “Summit on Pilot Mental Health” this past November. The agency’s chair, Jennifer Homendy, has been a vocal critic about the issue. “There’s a culture right now, which is not surprising to me, that you either lie or you seek help,” said Homendy during the forum. “We can’t have that. That’s not safety.”

Homendy called for some form of an amnesty period from the FAA where pilots who have experienced issues can discuss their situation openly without fear of repercussions. “We are all human,” Homendy said. “Who hasn’t among us faced some sort of crisis in our lives? We expect pilots will be some superheroes and continue on as if nothing’s happened in our lives … Everyone is in need of help at some point.”

The day before the NTSB Summit, the FAA announced that it was appointing another Rulemaking Committee to examine pilot mental health “to provide recommendations on breaking down the barriers that prevent pilots from reporting mental health issues to the agency.” The committee will include medical experts and aviation and labor representatives, and will build on previous work the FAA has done to prioritize pilot mental health. In addition, the FAA will work with the committee to address open recommendations from a July 2023 audit report from the Department of Transportation Office of Inspector General (OIG) regarding pilot mental health challenges.

The DOT OIG report confirmed that the FAA’s ability to mitigate safety risks is limited by pilots’ reluctance to disclose mental health conditions. Primary factors that discourage pilots from reporting are the stigma associated with mental health, potential impact on their careers, and fear of financial hardship.

The DOT OIG report also asserted that it is imperative that the FAA continue to address barriers that may discourage pilots from disclosing and seeking treatment for mental health issues. Also, a continued focus on this issue from the FAA and industry stakeholders could improve mental health outcomes for airline pilots and enhance the FAA’s ability to mitigate safety risks.

As drones become increasingly popular with the public, their intrusion on airport airspace is becoming an increasingly serious problem. To find out what can and is being done to counter the airport drone threat, Transportation Security International (TSI) sat down with two experts in a virtual roundtable. Jeffrey Starr is chief marketing officer with D-Fend Solutions, a global provider of counter drone solutions for sensitive and challenging environments. Leo McCloskey is vice president of marketing with Echodyne, whose radar equipment can be used to detect and track drones.

TSI: Just how serious is the threat of drones impinging on airport airspace?

Jeffrey Starr: First, the physical safety risk is significant. Studies have shown that common commercial drones with heavy payload capacity can cause severe damage to aircraft, including shattered windshields, penetration and inhalation hazards, and lost optics. Ultimately such collisions could require emergency landings.

Even at slow speeds, such collisions could cause plastic damage and extensive deformation to aircraft skin, as well as additional damage to internal structures. At high speeds, collisions could cause severe deformations of slat curvature, damage to the leading edges, and even possible penetration of drone debris into the fractured area.

The implications and economic impact are enormous, as reflected in grounded flights, missed connections, angry passengers, and lost revenues. Indeed, the after-effects of a drone incident can lead to serious consequences and substantial financial costs. Therefore, rogue drones operated by the criminal, careless or clueless create many challenging situations for airports.

Looking at use cases or scenarios; it’s not only routine airport operations that are affected by drone intrusions, but also special situations such as a special event or VIPs traveling, whereby the airport might have to take special precautions against hostile drones, beyond the normal threat to operations.

Drone threats to airports are not just a routine safety issue. The threat is very dynamic, and airports must prepare for different scenarios depending on its unique traffic flows and day-to-day operational life.

Leo McCloskey: Given the heavy use of aircraft to move people about, anything that jeopardizes the safety of the national airspace system (NAS) is unwelcome. Luckily we’ve had few actual collisions but we are just a bit of bad luck away from a serious incident.

It’s not just the threat from unwanted or intruding drones, though. It’s also about how drones are integrated into the NAS. Without knowing what good drone behavior looks like, determining bad intent is practically impossible. This state of alertness without actual information about drones causes anxiety, which only elevates the risk to the NAS..

TSI: What examples of such incidents can you tell us about?

Jeffrey Starr: Drone sightings and incidents around airports have increased significantly in recent years. Since the beginning of 2023 alone, there have been serious drone incidents at many airports including Edinburgh, Madrid, Palm Beach, Warsaw, Pittsburgh, Frankfurt, and famously, multiple incidents in Dublin, just to point to a few.

At Edinburgh, flight departures were disrupted and delayed due to an unauthorized drone near the runway. A drone also caused delays at Madrid-Barajas Airport when it was spotted by an incoming flight from Paris.

In Palm Beach, a pilot reported a drone right off the side of an aircraft. Flights have also been suspended at least six times since January at Dublin Airport, causing the diversion of flights to other airports.

In Warsaw, an airplane pilot reported seeing a 3-meter-long UAV flying within 30 meters of an LOT Embraer aircraft as it was landing at Chopin Airport.

Operations at Pittsburgh International Airport were suspended for approximately 30 minutes due to reports of an unauthorized drone sighting on the northern section of the airfield.

A drone sighting at Frankfurt Airport caused flight cancellations and delays, including a 40-minute complete shutdown and 20 canceled flights.

These are just some selected recent representative examples of many that have occurred this year alone.

TSI: Why is this happening with drones? What are the range of motives for people flying drones into protected airspace?

Leo McCloskey: There are roughly three types of drone operators.
What we’d want to be the largest type is the licensed and well-behaved drone operator that follows regulatory guidelines for things like RemoteID.

The second type are those that fly with abandon, without really thinking about rules and regulations. Whether a daredevil or simply confused, drone flight outside the norm is always a risk. Not because of malicious intent, just because of risk and probabilities over time.

The final type of drone operator is the bad actor using the drone with intent, whether delivering contraband to prisons or small explosives to jet fueling areas. We need to protect about types two and three and focus our worry and concern on type three..

Jeffrey Starr: As drones proliferate with increased popularity, greater ease of use, and cheaper prices, the likelihood of incidents near airports rises and the risk they pose to airports grows increasingly higher.

There are diverse types of threats. A careless user causing a collision is the most discussed. But more malicious kinds of threats could include an actual attack by a bad actor, or surveillance or espionage, where malicious actors may attempt to observe an airport for potential future violations.

TSI: What options exist for detecting and intercepting drones?

Leo McCloskey: Detecting is different from tracking, which is very different from identifying and then intercepting.

There are many options to accomplish the task. The minimum requirement is at least two sensors that combine to provide detection through identification, typically radar and optical. The most important component of any system, though, is the command-and-control software layer that harnesses the best of all sensors to deliver comprehensive situational awareness.

Jeffrey Starr: There are multiple technologies that can be deployed to help, but what we must consider with airports is that they are an extremely different sensitive environment compared with the surroundings where traditional legacy counter-drone technologies emerged from, namely the military battlefield.

To understand this problem better, it’s important to examine the multiple functions of detection, identification and mitigation.

The risks associated with a drone at airports have caused many airports to start evaluating options for effective and specialized counter-drone technologies that are suitable for the unique and sensitive environments of an airport. However, reaching the desired levels of airspace safety in the context of increasing rogue drone activity has proven to be particularly challenging, since legacy military technology countermeasures have serious issues in a civilian airport environment.

Counter-drone technologies originating from the military realm have performed well in the environment for which they were originally designed. However, when they enter the sensitive airspace of a civilian airport, many glaring shortcomings become apparent.

For drone detection, radar has played a role for a long time, but in an airport environment radar may generate false positives from not always being able to clearly distinguish between a drone and other flying objects such as birds.

Optical camera-based systems for identification require a clear line of sight, which can be difficult in urban environments or hilly terrain. Acoustic methods are challenged by noisy airport environments and increasingly quiet drones.

Traditional radio frequency (RF) based methods such as directional finders may not be able to locate and track the drone to the highest degree of precision.

More importantly, the challenges are even more steep when considering mitigation, especially when again looking at countermeasures that came from the military sector.

Jamming could be prohibitively problematic to a sensitive airport environment, given the possibility for disruption to communications and operations. It’s also temporary by nature, and the rogue drone pilot could regain control when jamming ceases.

Any type of kinetic/physical mitigation method involving shooting some sort of projectile at the drone, carries with it the serious risk of collateral damage, either from the projectile itself or the downed drone and resulting debris.

TSI: What role does your company’s product play in countering the drone threat, and who is using them today?

Leo McCloskey: Radar is the foundation sensor for nearly every counter-unmanned aircraft system (C-UAS), and we make a very high performing radar at commercial prices without military export controls (ITAR). Our radars are used by dozens of C-UAS systems, DOD/MODs, and policing agencies.

Jeffrey Starr: We are pioneers in a new-generation category of C-UAS, namely RF Cyber. RF (radio frequency) cyber technology can help combat the dangers posed by the growing number of rogue drones flying close to or over airports.

All the challenges associated with legacy C-UAS technologies are the reason why we advocate for an approach based on what we call “cyber detection and takeover mitigation,” where the technology can detect communications between the pilot’s remote control and the drone and ultimately, if desired and necessary, and if allowed and performed by authorized personnel, to take over the rogue drone.

With this approach, not only can such technology perform detection in ways that traditional technologies cannot, but, more importantly, major advantages can come into play during mitigation, especially versus the legacy technologies of jamming and kinetic.

Jamming disrupts the communication between the remote control and the drone but brings challenges because it can also disrupt communications of nearby technologies, and its temporary nature is limiting. Kinetic means of shooting down the drone are obviously not optimal in an airport environment because of the huge potential for collateral damages.

RF Cyber takeover represents a safer and more optimal technology because it allows for continuity, potentially preventing a potential incident from becoming an actual incident while allowing airport operations to continue.

TSI: What are the hurdles confronting airports and their suppliers in the use of counter drone technology?

Jeffrey Starr: The technology challenge is to constantly develop and enhance with innovations that can stay ahead of drone technology and develop and update countermeasures as new drone technologies advance, in a never-ending game which combines cat and mouse with leapfrog.

Market and user education is also critical as brand-new UAS and C-UAS technologies emerge since operators come from using traditional technologies. While there is an education process, the good news is that innovative technology such as D-Fend’s EnforceAir is quite easy to operate for qualified security professionals, who become fluent in it quite quickly.

Another challenge is dealing with the unique parameters of each individual airport. C-UAS implementations must conform to each local environment, as there may be legal and regulatory issues in terms of which security agencies can do detection and mitigation. Solutions must adapt to each environment, according to their local requirements and regulations.

Leo McCloskey: The primary obstacle is that interfering with any aircraft operation is illegal. A drone is an aircraft and, therefore, any mitigation activity is illegal. The legal and regulatory framework for detecting bad actors in the airspace is unprecedented territory for regulatory agencies. It will take time.

TSI: What new, more aggressive options are being developed to counter drone intrusions, and how close are they to becoming reality?

Leo McCloskey: There are novel methods, such as high-powered energy weapons, for interdicting rogue drones. The challenge is less technical and far more legal and regulatory.

Jeffrey Starr: Policymakers, regulators, security agencies, and airport operators around the world have been taking steps to deliver strong messages that operating unauthorized drones near airports is illegal, and could lead to financial penalties, criminal charges, and even imprisonment.

An understanding is emerging that during what may be transitory periods for airports, an ideal solution could encompass both passive detection to raise the airport’s situational awareness, with a migration path to eventually extend to also include full, seamless, simple, and safe mitigation capabilities, as policies and regulations permit.

The new-generation counter-drone technology, RF Cyber, is showing promising results for airports for both detection and mitigation. RF cyber-detection solution is showing agility, providing airport security personnel with the ability to quickly adapt.

Unlike various legacy anti-drone technologies, new generation RF cyber-detection detects and tracks both authorized drones and rogue drone threats, providing situational awareness along with a rich set of capabilities, including accurately tracking drone location, home location, and drone operator location.

The system understands the unique identifiers of each drone. Once a drone is classified as ‘authorized’, it would be labelled as such and be allowed to fly undisturbed in defined areas. The ability to distinguish between authorized and unauthorized drones would ensure continuity for drones performing essential functions at the airport. Airport security staff can choose how to utilize the information to contend with the risk and achieve optimal operational continuity.

When permitted by local regulations and policies, and performed by authorized security agency staff, RF-cyber takeover mitigation capabilities can be activated.

Detecting and, when permitted, mitigating the rogue drone threat quickly and efficiently can help maintain safe airport operations. Such a system could assert control over rogue drones and land them safely in a designated zone, as allowed by regulations and performed by the authorized personnel.

Airports could be empowered to detect threats without excessive burden on human resources, disrupting communications systems, or damaging existing infrastructure.

These cyber counter-drone systems must include stationary configurations specially designed for the unique requirements of airports, with enough long-range coverage for airport deployments to protect the airports’ airspace. The sensors must protect the approaching and takeoff air corridors. The hardware should be designed to withstand any extreme environmental conditions of the airports’ location.

Airport security, safety and continuity would be further facilitated by preventing the drone pilot from regaining control over the hostile or rogue drone, thereby smoothly mitigating the threat. Airport authorities could receive preventative alerts while providing crucial data — such as drone takeoff and pilot remote control locations, so authorities can deal with specific flights and dispatch appropriate personnel.

TSI: Finally, is the drone intrusion problem likely to become more serious in the future? If yes, then should airport authorities plan to become more proactive in addressing it? Will they need their own counter-drone force to knock these drones down?

Leo McCloskey: As soon as a tragic accident involving a drone occurs, this will become a very serious issue. Let’s recall what happened after September 11, 2001, — the entire airline industry was grounded for days in one of the largest markets in the world. What do you think will happen if a drone causes a tragic incident?

Jeffrey Starr: Certainly, as airport traffic and capacity grow alongside a proliferation of drones, the problem will grow more severe and dangerous. This combination increases the potential for risk and the potential demand for this kind of technology to be able to take over in those situations.

Having said that, new-generation technology such as RF Cyber is not anti-drone, on the contrary. These enable the new drone economy, so it’s especially important that more sophisticated technologies emerge, which for example can distinguish and identify between a friendly authorized drone and a hostile unauthorized one.

It’s becoming increasingly clear that sensitive airport environments will benefit from advanced and innovative defenses against rogue drones that are also themselves focused on safety and control. Technology should also conform and evolve with current regulations and be future-ready as regulations rapidly evolve to confront the recognized threat.

Airports rely on uninterrupted operations. A new generation of RF cyber detection and mitigation technology could help assure that airport operations continue to run as usual. Continuity prevails as flights, communications, security, and everyday life in the protected airport area proceed smoothly.

Preparedness facilitates greater alertness of threats to security through continuous assessment of evolving risk, robust and repetitive training and routine practice, as well as clear escalation and response procedures, and ongoing quality assurance.

As new, and often unpredictable terrorist tactics emerge, it is imperative that the security industry evolves with the changing security landscape where high-volume public spaces and transport networks have become a prime target for terrorist attacks designed to achieve maximum notoriety. Industry should support working collaboratively towards setting standards for the effective application of security measures and processes in large public spaces and transport infrastructure, underpinned by rigorous and certified training standards, practices and outcomes.

Leading the way is aviation security, reinforced by a mandated syllabus and quality assurance framework that is overseen by the Civil Aviation Authority (CAA), with performance and quality-based metrics. The robustness of aviation security training processes enables better preparedness across a broad range of threats and vulnerabilities with a capability that is standardized and reliable in its delivery of threat mitigations which are repeatedly assessed to be assured of their effectiveness.

Aviation security trainers are certified by City & Guilds or are required to have a Certification Instructor Number (CIN) validated by the CAA, but this level of certification is not yet pan-sector wide. Outside of aviation security training, quality assurance is not framed in legislation and in many cases by any form of directive. Without a requirement for academic or vocational qualification, many organizations employ trainers without certification of theoretical study and practical experience of an accredited syllabus. Alarmingly, some security trainers are wooed by available courses that allow them to breeze through within a short timeframe, leaving them ill-equipped to provide effective protection.

The public should have the assurance that security personnel have been trained to the highest standard to deliver the outcomes of accredited knowledge transfer confidently and effectively. Furthermore, after initial training, periodicity of assessment and refresh are crucial to maintain readiness for action and the required level of protection.

Behavior Detection Awareness

Industry has a duty to analyze training needs more effectively to enable more robust delivery and better preparedness.

Behavior detection awareness skills play a significant role in achieving preparedness of security personnel in high footfall spaces and infrastructure. The ability to detect unusual behavior, such as individuals working later or starting earlier than normal, someone carrying a bulging rucksack or someone who looks nervous, jumpy in a public area, is crucial to prevention activity.

All personnel who encounter people, are located close to vehicles, or sit behind a CCTV camera, should undergo behavior detection awareness training (as a minimum) to help mitigate risk. The training hones observation skills to identify potential hostile reconnaissance, preparatory assessments, dry runs or approaches to an attack, and sharpens an individual’s instincts to share suspicions with their superiors. Behavior detection awareness training can be provided at low cost and implemented at pace, yielding high impact results to reduce risk and to better protect the public.

A higher level of behavior detection training can be provided for security staff to become behaviour detection officers with the necessary tools and skills to respond swiftly. By shifting the security sector mindset to be pre-emptive and prepared, threats can be identified and intercepted to prevent activity escalating to catastrophic effect.

Working with Technology

As technology advances, increasingly sophisticated security equipment is being deployed in airports but across critical national infrastructure and spaces that attract high volumes of people security equipment is largely limited to expensive CCTV systems.

No matter how advanced the CCTV system is, the user must be fully trained in the use and aims of equipment and its capabilities. CCTV cameras can act as a deterrent, and images can be used as evidence post-event, but it is unfeasible for the user to have eyes on ten CCTV screens all at once, to notice suspicious behavior that is caught on just the one camera, and then act to intercept.

An advanced CCTV camera system can be programmed to spot irregularities to the pattern of life, such as a large crowd of people moving at one mile per hour on the concourse of a city train station. If a camera spots a static item or someone running, the camera will bring these to the user’s attention, but it cannot make the decision to respond or act. Therefore, users need to have the knowledge, skills and behavior to respond to whatever has triggered the technology, because if it is left unmanaged, the consequences could be lethal.

Without investing in knowledge transfer and response skills through proper training, a high-tech system can provide a false sense of security. In a trained environment, the user behind the camera will report the trigger to a behavior detection officer, who is trained to escalate an interceptive response.

To better protect people in large public spaces, pan-sector, the security industry needs to take control of the standard of training input to control the standard of output. The more inadequate the training, the more serious the consequences and therefore it is critical that training input does not merely skim the surface and tick a box.

Quality Assurance

Quality assurance of security through covert and overt testing aims to obtain a clear picture of security effectiveness and to quickly identify any failing mitigation.

Embedded within an organization’s established systems and processes, covert testing serves to identify gaps in measures and procedures, and to provide recommendations for improved preparedness.

If businesses and organizations are paying millions of pounds for security equipment, resources and complex operations, they must be confident of the return on investment and that the security provision will mitigate the risks it is designed to identify.

Deployed in the aviation industry, Security Management Systems (SeMS) provide airports with the means to identify and address security threats, gaps and weaknesses in a consistent and proactive way, such that people can be confident that security practices are effective and quality assured.

In 2021, the UK Civil Aviation Authority (CAA) published a whitepaper outlining the importance of incorporating SeMs into the daily operations and culture of an airport. With mandatory SeMs on the horizon, airports should be looking at holistic, digital SeMs that can provide an error-free and clear picture of all security activities, from tasks, audits, training, employee background and more, to improve risk management and quality assurance.

To add another layer of quality assurance, Redline Assured Security is pioneering a synthetic testing service to enable frequent assessment of airport security screeners in high numbers. Qualitative testing of entire cohorts of screeners in a simulated environment means training programs on emerging threats can be rolled out at speed. Whilst effective for smaller operations, covert testing allows for a comparatively reduced number of screeners to be trained on-site at once, providing only a sample insight into screener performance and their confidence in identifying and acting upon threats.

Working Collaboratively

It should be without question that security trainers or training organizations can be relied upon to deliver effective programs that are aligned with outcomes to prevent or mitigate risk and threats. Sub-standard training results in less than acceptable detection, deterrence and response procedures, which can result in criminal activity escalating into the lethal space.

As an industry, we have a duty to enforce better management of quality assurance frameworks across the entire security eco-system so that the buyer is assured of continuous improvement of meaningful inputs, aligned to analyzed objectives, to ensure the right outcomes first time.

About Paul Mason

Paul Mason is managing director for Redline Assured Security, part of Air Partner Group, a Wheels Up company. With over 25 years of aviation experience, Paul was at the helm of Redline from inception in 2006 to acquisition by Air Partner in 2019, guiding Redline from a concept through to the internationally acclaimed security training, consultancy, and quality assurance company that it is today. The division offers an unmatched range of products and services spanning all aspects of safety and security, training, consultancy, quality assurance and innovative software products to cater for the needs of tomorrow’s threats and risks as well as big data handling, live data analytics and real-time threat and risk management.

www.airpartnergroup.com

www.trustredline.co.uk

In the modern era of technology, convenience and efficiency have become paramount, especially when it comes to travel arrangements. With the ease of online booking, sharing airline booking numbers and last names has become common practice, but what may seem like an innocuous act unfortunately can actually lead to a severe security vulnerability that still needs addressing.

Airline booking numbers, often referred to as Passenger Name Records (PNR), are unique identifiers assigned to each flight reservation. These alphanumeric codes, along with the traveler’s last name, are routinely shared through various means, such as email invitations, shared calendars, and messages with friends or colleagues.

Most people are unaware of the potential risks associated with sharing this sensitive information, but in this blog, we’ll explore this unsettling security issue surrounding airline booking numbers and the lack of authentication that allows unauthorized individuals to make changes to your flights — something that could lead to potential disruptions of your life and even financial losses.

How Airline Booking Numbers Can Be a Gateway To Unauthorized Flight Modifications

These consequences are not hypothetical — I’ve personally witnessed them within my own family.

It was a beautiful summer day in Seattle when I found myself visiting my sister’s cozy home for a much-awaited family reunion. Though we were all excited to spend time together, as I stepped into her living room, my sister greeted me with a slightly troubled expression on her face.

“You won’t believe what I just did,” she exclaimed, looking a bit flustered. When I asked what had happened, she began to narrate the incident with a sigh.

Earlier that day, she’d decided to make a minor modification to her upcoming flight with British Airways, and like many others, she turned to the internet for the airline’s contact details. She landed on what she thought was British Airways’ official website and quickly found a toll-free 800 number — without pausing to double-check the website’s authenticity, she dialed it and was greeted by a pleasant voice claiming to be a representative from British Airways.

Oblivious to the potential danger that lurked ahead, she proceeded with her intention to modify. The “representative” asked for her booking number, her last name, and then the shocking request for her credit card information.

“That’s when I started feeling something was off,” she confessed. “I mean, why would they need my credit card details to make a simple flight change?”

Listening to her story, I immediately sensed the gravity of the situation. It was evident that she had stumbled upon an imposter posing as British Airways’ customer service, though she’d been lucky — having realized that she might be caught in a potential scam, she wisely hung up the phone before any further damage could be done.

However, the story didn’t end there. The scammer on the other end, displeased with her decision to terminate the call, took spiteful action. Without a second thought, they maliciously canceled her non-refundable ticket to Europe, leaving her distressed and baffled. She promptly contacted British Airways’ official customer service, and to her surprise, they informed her that the cancellation had been done online, and she had initiated it herself.

“That’s impossible,” she argued. “I didn’t cancel it!”

As no one else in her household had access to her personal information, it became clear that someone else had manipulated her booking and caused the cancellation. As we delved deeper into the situation, it dawned on us that her personal information must have been compromised during that seemingly innocent phone call to the fake customer service number — the imposter had cleverly gathered the necessary details to access her account on the official website and make the sinister alteration.

The Potential Consequences of Security Flaws in the Airline Industry

My sister’s unfortunate experience not only served as a cautionary tale but also got me thinking about the larger security issue that travelers face due to the lack of proper authentication methods employed by airlines.

While my sister was lucky to escape worse consequences, that lack of robust authentication in the airline industry allowed someone with malicious intentions to easily exploit what they did manage to gather from her, leading to unauthorized access and unauthorized changes to her flight.

It’s a significant security flaw that, by obtaining your booking number and last name, malicious actors can gain the power to manipulate your travel plans without your knowledge or consent — what’s worse is that this also opens the door to a range of other unsettling possibilities:

• Flight Changes: Unscrupulous individuals can modify your flight details, altering the date, time, or destination without your knowledge — imagine arriving at the airport only to find out your flight has been rescheduled, causing undue stress and inconvenience.

• Flight Cancellations: In a worse scenario, hackers can cancel your flight altogether. This could lead to missed events, important meetings, or once-in-a-lifetime opportunities.

• Identity Theft: Airline booking numbers, when combined with personal information, can be exploited to commit identity theft, leading to more severe consequences beyond flight modifications.

• Financial Loss: Unauthorized modifications can result in extra fees, penalties, or the loss of non-refundable tickets, leaving travelers with a financial burden they did not anticipate.

How to Improve Cybersecurity in the Airline Industry

To protect their customers’ sensitive information and provide peace of mind to travelers, the airline industry must acknowledge and address this glaring security issue — here are some baseline (yet essential) steps that airlines and booking platforms should implement to get started:

• Two-Factor Authentication: Implementing two-factor authentication (2FA) would add an additional layer of security, requiring users to verify their identity through a second method such as a one-time code sent to their mobile device.

• Encryption and Tokenization: Robust encryption and tokenization techniques can help safeguard sensitive data like booking numbers and personal details from unauthorized access.

• User Education: Airlines should boost awareness among travelers regarding the potential risks associated with sharing booking numbers and last names — and thereby promote responsible sharing practices.

• Regular Security Audits: Conducting routine security audits and vulnerability assessments will help identify and rectify potential weaknesses in the booking systems.

Security Standards Suitable for the Airline Industry

Regarding the final point about audits, there are a few standards that can help airlines and booking services shore up this security flaw, as well as other vulnerabilities that may be lurking in industry cyber defenses:

• NIST Cybersecurity Framework (CSF): A set of guidelines and best practices designed to measure and track maturity as an organization grows and its threat landscape evolves; implementing and being assessed against the NIST CSF can improve your critical infrastructure so that you can better manage and reduce cybersecurity risk.

• PCI DSS: Whereas the NIST CSF takes a broader scope of your cybersecurity, PCI DSS concerns itself particularly with the controls you have in place to protect payment card data and its environment from unauthorized access or use, of which multi-factor authentication and encryption are requirements.

The airline industry is not unique in facing cyber threats, and these standards — and the third-party assessments that independently validate the efforts they require would be worth the investment as threats continue to grow more sophisticated across all sectors.

Moving Toward More Secure Air Travel

The ease with which airline booking numbers and last names are shared presents a serious security concern that must not be overlooked. As passengers, we must be vigilant and mindful of where and with whom we share our booking details, but airlines must also prioritize the implementation of robust security mechanisms to safeguard their customers and preserve the integrity of the travel experience.

Through the implementation of adequate authentication measures validated thoroughly by regular security audits, travelers will become less vulnerable to unauthorized flight modifications, cancellations, and potential identity theft, just as the airlines themselves will become less likely to suffer the negative consequences associated with customer dissatisfaction.

By raising awareness and taking necessary precautions, we can collectively ensure safer and more secure travels in the digital age.

About the Author

Avani Desai is a chief executive officer at Schellman, the largest niche cybersecurity assessment firm in the world that focuses on technology assessments. Ms. Desai is an accomplished executive with domestic and international experience in information security, operations, P&L, oversight, and marketing involving both start-up and growth organizations. She is a sought-after speaker as a voice on topics such as security, privacy, information security, future technology trends, and the expansion of young women involved in technology.

The aviation industry had a tough dig out of the Covid-19 pandemic hole, but now, airports and airlines appear to be back booming with full passenger loads and enough construction to last a lifetime. Much of the focus over the 2021-2022 rebuilding period was on staffing level. Aviation employers could not seem to get qualified personnel through the doors, trained up, and out into operations quick enough. There was a real lack of operational grasp and disengagement in security culture. Thankfully, as an industry, we all got “back to basics” to re-energize the culture and refine the fundamentals to an accepted level of compliance.

Aircraft Search: Daily Challenges and Best Practice Review

The topic of aircraft cabin search remains relevant and ever evolving. In October 2020, I had the privilege to write a piece (for what was then ASI Magazine) examining aircraft cabin search and the daily challenges and best practice to reduce inconsistency and make the operation as effective as possible. Fast forward three-plus years, it is important as security practitioners that we revisit the foundational concepts that build out our security programs with the intent of continuous improvement. Plus, with today’s threat landscape across the globe, aviation (and all critical infrastructure and security sectors for that matter) will continue to be a high target for attack.

As a little bit of back story, my previously published article from 2020 outlined several of the daily challenges security organizations and stakeholders faced with aircraft cabin search operations. These included delivery of effective training (specific training for various aircraft cabin configurations plus adapting to your demographic and audience), the stress of a highly regulated environment, poor utilization of equipment, lack of management and operational pressure. To tackle many of these challenges, there are basic steps an organization can apply for oversight measures. Or possibly look at a larger strategy adjustment to achieve a more consistent operation and higher level of performance.

Unfortunately, our world continues to be faced with emerging threats and ongoing conflict. And the trouble is not siloed to physical incidents. Multiple industries are now seeing a large uptick in cyber crime as well; so, protecting and checking for data accuracy also needs to become top of mind.

This article is broken down into multiple sections. Each section briefly discusses a stakeholder’s perspective and approach to achieve optimal compliance in aircraft cabin search.

The Airline’s Perspective

There has been a drastic change on the airline side and their view of security. In past years, security was a pesky cost added and required on a station’s P&Ls, but now it is prioritized and planned into the daily operations. The concept of CPTED (crime prevention through environmental design) has become more prevalent these days when approaching integration of security.

As an airline that’s placed security as a top priority for a very long time, Virgin Atlantic has taken some further steps to ensure compliance. In a recent conversation with Gareth Cross, AVSEC manager: regulations and compliance for Virgin Atlantic’s Corporate Security Department, he stated that the organization shifted to a risk resiliency and SeMS approach to security. Now, as part of a proactive measure, the Corporate Security is seen as a consultant and partners with the engineering group during the design phase of aircraft and collaborates in the decision-making process to ensure compliance with the company’s security program, as well as the multitude of civil aviation regulations and Transportation Security Administration (TSA) programs.

Let’s examine the life vests on an aircraft. Here in the United States, the TSA requires foreign carriers to either seal their life vest compartments, which then requires the security provider to inspect the seals for any evidence of tampering. Otherwise, each individual life vest must be removed from the pouch or compartment and thoroughly inspected for prohibited items. Some of the newer life vest technology that is being utilized by many airlines does not quite meet some standards. Although sealed, the design still allows for the concealment of small, prohibited items. In addition, the way some life vest compartments are affixed underneath the seat allows for more potential concealment space, and the location is difficult to spot for the security team. Doing the proper research and selecting the appropriate life vest compartment design will reduce the vulnerability and have a direct impact on compliance.

The Security Provider Perspective

Security companies continue to be faced with ongoing challenges, so it is critical that an organization places heavy emphasis on a strong security culture to mitigate risk. Within the framework of security culture, we can typically break it down into three functional areas: people, processes, and technology. If the fundamentals of aircraft search have been established, then further assessment of the functional areas will allow a security provider to put focus on continuous improvement. First, let’s cover refining processes within quality control, then discuss where technology fits into the equation.

For quality control processes, routine testing is a solid best practice. If you are looking to achieve the highest level of effectiveness from the company’s covert testing program, it’s essential to think about the approach and methodology towards covert testing, otherwise you may end up with a false sense of security. In other words, just conducting covert tests is not sufficient; the planning, execution, and follow up is critical.

There are a few considerations that should be applied towards the covert testing methodology:

• Types of test pieces being utilized.

• Placement of the test piece and accountability.

• Who was involved during the test.

• Documentation and reporting.

Starting with test pieces, the approach here needs to be a holistic one. More often than not, security officers have fallen into a complacent pattern of searching for a specific test item. If a company is constantly testing the team using this one specific item, the daily routine has now become search an aircraft for the “orange ball.” The search mindset needs to change to item recognition. It is not about looking for the “orange ball”; the mission must shift towards what item does not belong on the aircraft. As we all know, threat items can be disguised as anything!

Selecting the test pieces for a covert testing program is a very sensitive area that requires careful consideration and collaboration for multiple stakeholders. One popular opinion is to utilize lifelike test pieces that will require a heightened level of vigilance from security officers. The upside to this strategy provides more of a real-world simulation, raising the performance bar for compliance, but the risk level for potential lack of accountability becomes severe. If a test piece goes missing and is potentially found while in-flight, a disruption to operations will come at a very high cost to an air carrier. It’s recommended that any sensitive test pieces be approved by the specific air carrier, and loop in your regulatory partners.

The execution of a covert test requires planning. It is important the security providers are familiar with the aircraft configuration and conduct tests in multiple areas. Repetitive test piece placements will ultimately result in a false sense of security and lead to complacency among the security team.

The last component here for covert testing is the emphasis on documentation and effective reporting. Putting the mechanisms in place to gather a wide range of data will prove invaluable when the shift to proactive mitigation is put into place. If an organization has the capability to track the trends of who located or missed a test piece, where it was placed, the type of aircraft, what type of item was used, now more effective decisions can be made going forward on operational procedures. Could failures be due to a gap in the training program? Does the current SOP not require a specific area to be searched? Is a change needed in the staffing plan? These factors can now all be data-driven decisions.

Aside from the covert testing, another key layer of quality control involves paperwork review, and verifying people versus time. And what this boils down to is the accuracy of data. This is the area where technology can play a pivotal role.

An effective aircraft cabin search is going to average a certain amount of time, with a designated amount of security officers assigned to the task. Conducting frequent reviews of the flight turnaround data will help to ensure a level of consistent service is maintained. If there are any anomalies, those instances will need to be investigated. For example, if on a given day two security officers search an entire widebody aircraft in 30 minutes which usually takes a staff of eight officers, that needs to be marked as a red flag and investigated. Currently, there is proven technology out in the market that can be utilized to track and trace airport personnel movements. Having a platform such as this in place provides that layer of transparency for auditing operations in real time.

The Regulatory Perspective

Aviation security regulators remain focused and vigilant on keeping the traveling public safe. And the same core mission applies to all transport sectors — including maritime, railroad, bridges and roadways. Here in the U.S., the TSA will continue to utilize their intelligence to prepare for emerging threats.

It is important to remember that security regulators and inspectors are on our team. The purpose of any government and/or civil aviation authority audits are to ensure all stakeholders are maintaining an acceptable level of compliance based on a determined threat level. They are not out for the “we got you” mentality. The goal is to establish the assurance that aviation is operating at an optimal level of public safety (this includes the aviation workers as well).

The best way to develop a solid working relationship with the regulatory entities is through communication. Set up a regular meeting cadence. Topics on the table for discussion can include local and foreign concerns, joint-testing and audits, best practices, and clarifying any unclear regulatory guidelines. Having this type of relationship and open dialogue in place between stakeholders will have a direct positive impact on compliance and culture within the security scope.

About the Author

Douglas O’Mara is based in New York and works for Global Elite Group, the U.S. aviation security division of Securitas Transport Aviation Security. He is senior vice president of performance and regulatory compliance, with focused oversight of company AVSEC training, quality control, safety, and regulatory. Doug is an ICAO AVSEC PM and Airport Certified Employee – Security (American Association of Airport Executives). He can be contacted at domara@globaleliteinc.com.