On 9 September 1949, a Canadian Pacific Airlines DC-3 exploded near Sault-au-Cochon, Québec, killing 23 people. The wreckage is visible in the photo below. Two weeks later, Albert Guay was charged with having placed a dynamite time bomb in his wife’s suitcase with the intent to kill her, circumvent a divorce, and claim $10,000 in life insurance money for him and his unknowing mistress.

Guay and two accomplices were hanged in Montréal – including the last woman executed in Canada. Amidst international news coverage, the bombing marked the first solved case of sabotaging a passenger flight for criminal purposes, ushering in an era of attempts to exploit civil aviation vulnerabilities, often with devastating consequences.

Whether domestic or international, air travel is more critical than ever to the global economic, political, and social realms. It is estimated that 2019 will see more than 4.5 billion scheduled passengers and 40 million flights handled by the international civil aviation industry – almost double the quantities from only 15 years ago.

Based on today’s security efforts, each of these passengers must undergo an in-depth, rigorous, often time-consuming, and sometimes ineffective security screening process prior to being permitted into the restricted departure zones. These procedures have evolved with advances in technology and screening techniques as well as best practices that result from the collective experience (typically from past vulnerabilities that failed to intercept acts of violent extremism).

Since its mass commercialization in the 1930s, civil aviation has borne a significant risk for terrorist attacks in the form of assaults, bombings, and hijackings. This is particularly true for national carriers – those high-profile symbols of national sovereignty on the international stage – which, in many ways, are less protected than consular or military facilities. While cargo carriers or smaller chartered airlines still bear marginal risk, virtually all terrorist attacks against civil aviation have targeted recognized national carriers.

Security screening to detect the growing sophistication of weapons and explosives, along with personnel screening to detect potential assailants, will never be flawless in theory or practicality.

Organized crime and terrorism are innovation-led enterprises based upon ongoing rational cost-benefit-analyses and long-term risk calculations. Changes in the material of weapons or explosives, for instance, will continue to be developed in order to circumvent existing screening methods.
As we saw in Brussels and Istanbul (2016), or Fort Lauderdale (2017), an event targeting the terminal itself might well prove a viable alternative when screening becomes too fortified to easily infiltrate.

Large, high-density numbers of civilians, the high-profile symbolism of international air travel and critical infrastructure, the presence of foreign nationals, and the assessed long-term devastation to civil society and the international economy, make attacks against civil aviation a regrettably rational choice for terrorist groups or lone actors of any ideological stripe.

As improved technology and best practices continue to rectify past failings in airport security measures, new methods to circumvent those gains will be designed and implemented. It is a continuous game of cat-and-mouse in which lawful authorities must embrace new technologies and continually implement proactive lessons learned to maintain an upper hand.

Enhanced pre-board screening in Canada
Founded in April 2002 in response to the 9/11 terrorist attacks, the Canadian Air Transport Security Authority (CATSA) is responsible, either directly or through contracted personnel (such as G4S, Securitas, and GardaWorld), for “screening persons who access aircraft or restricted areas through screening points, the property in their possession or control, and the belongings or baggage that they give to an air carrier for transport.” CATSA provides services to 89 airports across Canada and is responsible for administering the Canadian Air Carrier Protection/Protective Program, in which RCMP air marshals operate on select domestic and international flights.

CATSA is also responsible for overseeing the Restricted Area Identity Card (RAIC) system, which was created in partnership with Transport Canada and airport authorities in 2007. The world’s first dual biometric identity card, a RAIC uses both iris and fingerprint verification to permit airport staff access to restricted areas.

According to current security screening policies, typical pre-board screening measures consist of the following steps:

• Have your boarding pass and photo identification ready for verification.
• Place your belongings into bins, pass bins and your carry-on, one-at-a-time, through the X-ray machine, during which an on-site screening officer scans them visually.
• Walk through a metal detector.
• Gather one’s effects at the end of the screening checkpoint.

Additional screening or separate screening of particular items may be required alongside the regular process. This may include the use of a hand-wand device, a partial or full pat-down, a partial or full search of your carry-on bag, entering a full-body scanner, or swabbing baggage, clothing, shoes, or electronics with explosive trace detection, as well as special considerations for items of a religious nature, such as headscarves, turbans, or ceremonial kirpan daggers.

In an effort to streamline the screening process without sacrificing passenger or airport safety, CATSA began implementing a new approach to pre-board screening that distributes staff more efficiently and better utilizes established technologies. CATSA Plus, a trial program that began at the Montréal-Trudeau International Airport in summer 2016, is a screening concept that, according to the web site “combines the latest equipment, technology, and processes that have been successfully tested by CATSA at various airports over the last few years.” The first dedicated CATSA Plus checkpoint was deployed at Calgary later that same year. The program has subsequently been installed at both Toronto-Pearson and Vancouver, while Halifax-Stanfield and Edmonton are expected to sign on in 2019.

While not fundamentally different from the standard technology-intensive screening process, the “plus” aspect of this new approach, in the words of CATSA, “represents enhanced security effectiveness and a more pleasant experience through the checkpoint for air travellers, as the new lines allow for improved customer service and passenger flow.”

With the potential to be adapted to the unique environs of individual airports based on checkpoint size, space, staff numbers, and passenger volumes, this concept is ultimately about getting passengers and baggage through screening faster and more effectively.

Parallel divest stations allow up to four passengers at a time to place their belongings into bins for scanning, allowing them to bypass those who need more time or assistance (such as elderly persons, children, and those with less air travel experience). Unique ID tags are assigned to each filled bin and a photo is taken of its contents.

A continuous belt and remote X-ray image review allows for a constant flow of bins, thereby reducing slowdowns. Screening officers are situated in a remote room away from the environmental distractions of the checkpoint, and images of the X-ray scans are sent to the first available officer. A motorized bag diverter allows screening officers to reject/redirect a bin over to a separate search line, while cleared bins continue to proceed seamlessly. Motorized rollers automatically return empty bins to the front of the line, freeing screening officers from the time-consuming manual task of replacing the bins. At the end of the checkpoint, improved repack areas – in an expanded area with more tables and benches – make it easier for passengers to repack their belongings after screening.

The presence of fewer visible officers, the remote scanning of baggage, and the heightened ease of movement for passengers during and following the screening procedure allows for a more streamlined, faster, cost-effective, and efficient process.

Through CATSA’s new mobile app, Breeze Through Security, passengers are able to check wait times for screening checkpoints, search “What Can I Bring?” lists for carry-on and checked baggage, confirm security restrictions on various items like liquids, foods, personal items, and sporting equipment, find advice for families, seniors and passengers with special needs, and provide feedback directly to CATSA about security screening experiences.

With an incremental rollout that is currently focused on Canada’s largest airports, the CATSA Plus system has been tested and refined on the trial level, with full-scale implementation dependent on federal funding. In addition to tried-and-tested security screening methods such as CATSA Plus, other recent technological advances have opened up new opportunities for airport security screening, and we will highlight these in an upcoming edition of FrontLine.

Enhancements that improve customer service such as a streamlined, coast-to-coast security system that leverages the increasingly security-savvy passenger base, will go a long way toward expediting civil aviation without compromising the safety of people or property.

An animated video produced by CATSA identifies and explains the new features and streamlined processes of the CATSA Plus system.
https://www.youtube.com/watch?v=INwUzjGP3Ek

“Human Intelligence” Security Screening
If you are wondering why Israel’s Ben Gurion Airport has not purchased the full-body scanners (at about $250,000 CAD each) seen in most Western airports, the answer is unsettling. One of Ben Gurion’s security consultants, Rafi Sela, recently told Canadian officials that he could smuggle enough explosives through the full-body scanners “to take down a Boeing 747.”

Israel’s security practitioners therefore, prefer the human intelligence paradigm to the focus on technology-intensive security screening. Rather than in viewing every passenger as a prospective attacker and thereby scanning for potential weapons or explosives at security checkpoints (with sometimes dubious success), a human intelligence-driven model, admittedly both capital- and labour-intensive, does not rely exclusively on physical screening measures encountered at a traditional pre-board screening checkpoint, such as removing footwear or emptying liquid containers. The preeminent example for this face-to-face behavioural profiling model is at Ben Gurion Airport located outside the city of Lod and hub to Israel’s flag carrier, El Al.

Serving approximately 23 million passengers per year (less than half the size of Toronto’s Pearson in total passengers), Ben Gurion is nonetheless heavily fortified. All motor vehicles must be cleared through preliminary checkpoints before entering the airport compound, while paramilitary and military personnel patrol throughout the grounds and terminal, including plainclothes agents. Prior to check-in, departing passengers undergo an intensive, but relatively brief (about five minutes on average) questioning by security agents on standard topics like your relationships with fellow travellers, whether you packed your own bags, recent travels to other countries, your itinerary and activities in Israel, and other common border questions.

Passengers’ passports and bags are labelled with a small neon sticker with numbers one to six, indicating their perceived level of risk. This figure determines the subsequent experience of a passenger as they proceed through security. If a passenger is deemed to be low-risk, they are sometimes permitted to bypass the conventional screening checkpoint.

Using a measure that seems incredibly easy to thwart, even for a novice, passengers may be asked to open their email or social media accounts for inspection by screeners. If passengers do not have electronic devices with them, airport security screeners can provide computers for login. Passengers are asked a second set of comprehensive questions at the boarding gate, based on the sticker given at check-in, and names are checked against information from Israeli and friendly countries’ intelligence agencies.

In a seemingly more effective measure, checked baggage, although processed through typical scanning devices, are also often physically searched, and – at all the airports in which El Al operates – are subjected to a unique decompression chamber that simulates cabin pressure during flight that could trigger explosive material.

Primary criticism for this human intelligence model of screening is that it relies instrumentally on profiling passengers, particularly for those who have travelled to neighbouring Muslim majority countries (with the exception of Bahrain, Egypt, Jordan, Mauritania, and Qatar). Passengers of Arab or Indian background, or those with pro-Palestinian statements on their social media, will often be targeted for more comprehensive security procedures.

Israeli security officials embrace this discrimination as a purportedly necessary evil. However, from a security-centric rather than sociopolitical perspective, racial bias in airport screening is laden with gaps. For instance, such profiling would have missed Jewish-American Samuel Byck, who was killed after hijacking a Delta Air Lines DC-9 on the tarmac of Baltimore/Washington International Airport in February 1974. Nor did profiling help security officers at Lod Airport (today, Ben Gurion) discern the threat posed by three members of the Japanese Red Army, who killed 26 and injured 79 with Kalashnikov rifles and grenades in 1972.

While this framework may work in some cases for the detection of would-be terrorists, it is not designed to identify a potentially violent emotionally disturbed person or other possible “insider threats” within aircrews, both of whom can cause equally devastating blows to civil aviation.

Efficient v Effective
It is important to highlight the concept of security “theatre”; a term coined in 2003 by cybersecurity specialist Bruce Schneier. At its simplest, the concept describes investing in overt security countermeasures that further the perception of security, but in reality, do little in achieving a higher degree of security.

Conventional pre-board screening procedures over the last 20 years are consistently listed among the most prominent examples of security theatre. For instance, despite the significant financial, material, and personnel investments in security screening by the TSA, undercover investigators working for the Department of Homeland Security’s Office of the Inspector General were able to sneak fake guns, knives, and explosives through checkpoints in 2017 with startling ease.

The testing resulted in TSA failing to detect the weapons by anywhere between 70-80% – which the agency stated was a relative improvement from its 95% failure rate of two years prior.

While this is only one example in one country of one agency (albeit one with a significant investment of capital compared to smaller countries), it does highlight the issue that more technology, personnel, and procedures do not necessarily create a net increase in security for civil aviation (or perception thereof). That being said, there is no doubt that an infusion of new technologies and utilizing proactive threat detection measures can improve the effectiveness when discerning possible threats to civil aviation, while also maintaining efficiency in daily operations.

As Paul Wilkinson and Brian M. Jenkins wrote in Aviation Terrorism and Security (1999): “no matter how innovative security personnel are, there is no guarantee that they will always outsmart the adversary.” With this in mind, they go on to assert that two components are fundamental to comprehensive security in the aviation terminal: physical screening by technological means to identify weapons and explosives; and personal screening, a human intelligence-centric approach that seeks identify the would-be hijacker or terrorist. In the simplest of terms, it means a working combination of the former (best represented in Western screening techniques) and the latter (as practiced at the Ben Gurion Airport).
If either of these approaches worked perfectly all the time, the other would be redundant. However, in practice, neither of these approaches will ever be flawless. The security culture of a given locale may focus on one component over the other, but a harmonized framework that looks proactively to both technology and people is more vital than it ever has been before.

Accordingly, in order to render air travel as safe as possible, a seamless and effective physical and personal screening system must be used in tandem with purposeful intelligence sharing, proactive policing, and an understanding of the contemporary global threat environment.
Knowledge of the last attack is not enough – even a brief review of commercial aviation highlights the innovation-driven nature of aviation-borne terrorism.

Each plot to target civil aviation could have been prevented had the security countermeasures that had been learned afterwards, been implemented beforehand. At the same time, however, the accumulation of collective experience and the utility of new technologies, tragically, would not have been possible without these attacks having taken place.

Combining these two elements into a comprehensive and proactive security screening framework that utilizes the best technological advances along with conventional investigative techniques can empower security practitioners with the best odds to identify, intercept, and even deter potential attacks.

In October 1984, the IRA attempted to kill British Prime Minister Margaret Thatcher with a long-delay time bomb planted at the Grand Hotel Brighton in which she was staying. While the PM narrowly avoided the blast, five people with connections to the Conservative Party were killed. The IRA released a statement that contained words since recognized as fundamental to an understanding of terrorism in the modern age – a passage that resonates particularly well with the ongoing threat to civil aviation. “Today we were unlucky, but remember we only have to be lucky once. You will have to be lucky always,” the statement read.

Luck is certainly an asset, but the combined leveraging of new technologies, improved coordination among security agencies, and proactive threat detection is even better.
___
Casey Brunelle is an intelligence and strategic studies consultant with extensive experience in the public and private sectors, specializing in counterterrorism, public safety, and geopolitics. Casey currently serves as Strategic Advisor to the International Airport Watch Association.

Jacques Brunelle, recently retired from the RCMP after 30 years, has worked extensively in national security, international anti-corruption, and criminal intelligence. He is currently the Director of the International Airport Watch Association, a program that focuses on enhancing safety and security in and around airports around the world.