International Association of CIP Professionals

TSA detects disassembled gun concealed in two peanut butter jars at JFK Airport

January 10, 2023 Neil Walker Agency News, Industry News, Transport sector

It was a sticky situation in a Transportation Security Administration (TSA) checked baggage screening room at John F. Kennedy International Airport (JFK) when a TSA officer removed two jars of peanut butter, each containing parts of a disassembled semi-automatic handgun artfully concealed inside.

The .22 caliber gun parts were wrapped in plastic and had been jammed into the middle of two plastic jars of peanut butter. The gun’s magazine was loaded with bullets.

When the checked bag triggered an alarm in a Terminal 8 X-ray unit, a TSA officer opened the bag and upon closer inspection uncovered the concealed firearm parts. TSA officials notified the Port Authority Police, who came to the checked baggage room in JFK’s Terminal 8, confiscated the items, tracked down the traveler in the terminal and arrested him.

“The gun parts were artfully concealed in two smooth creamy jars of peanut butter, but there was certainly nothing smooth about the way the man went about trying to smuggle his gun,” said John Essig, TSA’s Federal Security Director for JFK Airport. “Our officers are good at their jobs and are focused on their mission—especially during the busy holiday travel period,” Essig said.

Travelers may transport their firearms for a flight if they have a proper permit and the gun is properly packed. Firearms and firearm parts must be unloaded, packed in a locked hard-sided case and taken to the airline check-in counter to be declared. At that point the airline representative will make sure that the firearm is transported in the belly of the plane. Additionally, replica firearms are prohibited in carry-on baggage and also must be transported in checked luggage.

Leave a comment airportsecurity, avsec, counterterrorism, criticalinfrastructureprotection, TSA

TSA breaks record for number of firearms at security checkpoints, announces new measures to mitigate threat

January 9, 2023 Neil Walker Agency News, Industry News, Transport sector

Transportation Security Administration (TSA) officers intercepted a record number of firearms brought by passengers to airport security checkpoints in 2022. As of December 16, TSA has stopped 6,301 firearms; more than 88% were loaded. This number surpasses the previous record of 5,972 firearms detected in 2021. TSA anticipates it will prevent about 6,600 firearms in carry-on bags from entering the secure area of airports by the end of 2022, a nearly 10% increase over 2021’s record level.

Firearm possession laws vary by state and local government, but firearms are never allowed in carry-on bags at any TSA security checkpoint, even if a passenger has a concealed weapon permit. In order to reduce the threat of firearms at checkpoints, TSA has increased the maximum civil penalty for a firearms violation to $14,950. TSA determines the penalty amount for a violation based on the circumstances in each case. TSA will continue to revoke TSA PreCheck® eligibility for at least five years for passengers caught with a firearm in their possession. TSA may conduct enhanced screening for those passengers to ensure no other threats are present. Depending on state or local law in the airport’s location, passengers who bring firearms to a checkpoint may be arrested by law enforcement.

“I applaud the work of our Transportation Security Officers who do an excellent job of preventing firearms from getting into the secure area of airports, and onboard aircraft,” said TSA Administrator David Pekoske. “Firearms are prohibited in carry-on bags at the checkpoint and onboard aircraft. When a passenger brings a firearm to the checkpoint, this consumes significant security resources and poses a potential threat to transportation security, in addition to being very costly for the passenger.”

Leave a comment airportsecurity, avsec, counterterrorism, criticalinfrastructureprotection, TSA

TSA issues new cybersecurity requirements for passenger and freight railroad carriers

October 25, 2022 Neil Walker Agency News, Industry News, Transport sector

The Transportation Security Administration (TSA) announced a new cybersecurity security directive regulating designated passenger and freight railroad carriers. Today’s announcement demonstrates the Biden-Harris Administration’s commitment to strengthen the cybersecurity of U.S. critical infrastructure. Building on the TSA’s work to strengthen defenses in other transportation modes, this security directive will further enhance cybersecurity preparedness and resilience for the nation’s railroad operations.

Developed with extensive input from industry stakeholders and federal partners, including the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Transportation’s Federal Railroad Administration (FRA), this Enhancing Rail Cybersecurity – SD 1580/82-2022-01 strengthens cybersecurity requirements and focuses on performance-based measures to achieve critical cybersecurity outcomes.

“The nation’s railroads have a long track record of forward-looking efforts to secure their network against cyber threats and have worked hard over the past year to build additional resilience, and this directive, which is focused on performance-based measures, will further these efforts to protect critical transportation infrastructure from attack,” said TSA Administrator David Pekoske. “We are encouraged by the significant collaboration between TSA, FRA, CISA and the railroad industry in the development of this security directive.

The security directive requires that TSA-specified passenger and freight railroad carriers take action to prevent disruption and degradation to their infrastructure to achieve the following critical security outcomes:

1. Develop network segmentation policies and controls to ensure that the Operational Technology system can continue to safely operate in the event that an Information Technology system has been compromised and vice versa;
2. Create access control measures to secure and prevent unauthorized access to critical cyber systems;
3. Build continuous monitoring and detection policies and procedures to detect cybersecurity threats and correct anomalies that affect critical cyber system operations; and
4. Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers, and firmware on critical cyber systems in a timely manner using a risk-based methodology.

Passenger and freight railroad carriers are required to:

1. Establish and execute a TSA-approved Cybersecurity Implementation Plan that describes the specific cybersecurity measures the passenger and freight rail carriers are utilizing to achieve the security outcomes set forth in the security directive.
2. Establish a Cybersecurity Assessment Program to proactively test and regularly audit the effectiveness of cybersecurity measures and identify and resolve vulnerabilities within devices, networks, and systems.

This is the latest in TSA’s performance-based security directives; previous security directives include requirements such as reporting significant cybersecurity incidents to CISA, establishing a cybersecurity point of contact, developing and adopting a cybersecurity incident response plan, and completing a cybersecurity vulnerability assessment. Through this security directive, TSA continues to take steps to protect transportation infrastructure in the current threat environment. TSA also intends to begin a rulemaking process, which would establish regulatory requirements for the rail sector following a public comment period.

To view TSA’s security directives and guidance documents, please visit the TSA cybersecurity toolkit.

Leave a comment criticalinfrastructureprotection, cybersecurity, railways, transportsecurity, TSA

TSA revises and reissues cybersecurity requirements for pipeline owners and operators

August 30, 2022 Neil Walker Agency News, Industry News, Transport sector

The Transportation Security Administration (TSA) announced the revision and reissuance of its Security Directive regarding oil and natural gas pipeline cybersecurity. This revised directive will continue the effort to build cybersecurity resiliency for the nation’s critical pipelines.

Developed with extensive input from industry stakeholders and federal partners, including the Department’s Cybersecurity and Infrastructure Security Agency (CISA), the reissued security directive for critical pipeline companies follows the directive announced in July 2021. The directive extends cybersecurity requirements for another year, and focuses on performance-based – rather than prescriptive – measures to achieve critical cybersecurity outcomes.

“TSA is committed to keeping the nation’s transportation systems safe from cyberattacks. This revised security directive follows significant collaboration between TSA and the oil and natural gas pipeline industry. The directive establishes a new model that accommodates variance in systems and operations to meet our security requirements,” said TSA Administrator David Pekoske. “We recognize that every company is different, and we have developed an approach that accommodates that fact, supported by continuous monitoring and auditing to assess achievement of the needed cybersecurity outcomes. We will continue working with our partners in the transportation sector to increase cybersecurity resilience throughout the system and acknowledge the significant work over the past year to protect this critical infrastructure.”

Following the May 2021 ransomware attack on a major pipeline, TSA issued several security directives mandating that critical pipeline owners and operators implement several urgently needed cybersecurity measures. In the fourteen months since this attack, the threat posed to this sector has evolved and intensified. Reducing this national security risk requires significant public and private collaboration.

Through this revised and reissued security directive, TSA continues to take steps that protect transportation infrastructure from evolving cybersecurity threats. TSA also intends to begin the formal rulemaking process, which will provide the opportunity for the submission and consideration of public comments.

The reissued security directive takes an innovative, performance-based approach to enhancing security, allowing industry to leverage new technologies and be more adaptive to changing environments. The security directive requires that TSA-specified owners and operators of pipeline and liquefied natural gas facilities take action to prevent disruption and degradation to their infrastructure to achieve the following security outcomes:

- Develop network segmentation policies and controls to ensure that the Operational Technology system can continue to safely operate in the event that an Information Technology system has been compromised and vice versa;
- Create access control measures to secure and prevent unauthorized access to critical cyber systems;
- Build continuous monitoring and detection policies and procedures to detect cybersecurity threats and correct anomalies that affect critical cyber system operations; and
- Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers and firmware on critical cyber systems in a timely manner using a risk-based methodology.

Pipeline owners and operators are required to:

- Establish and execute a TSA-approved Cybersecurity Implementation Plan that describes the specific cybersecurity measures the pipeline owners and operators are utilizing to achieve the security outcomes set forth in the security directive.
- Develop and maintain a Cybersecurity Incident Response Plan that includes measures the pipeline owners and operators will take in the event of operational disruption or significant business degradation caused by a cybersecurity incident.
- Establish a Cybersecurity Assessment Program to proactively test and regularly audit the effectiveness of cybersecurity measures and identify and resolve vulnerabilities within devices, networks, and systems.

These requirements are in addition to the previously established requirement to report significant cybersecurity incidents to CISA, establish a cybersecurity point of contact and conduct an annual cybersecurity vulnerability assessment.

Leave a comment criticalinfrastructureprotection, cybersecurity, transportsecurity, TSA

TSA leaders share tips to get through airport security during the pandemic

January 11, 2022 Neil Walker Agency News, Industry News, Transport sector

There are a handful of actions that travelers can take in an effort to get through Transportation Security Administration (TSA) airport checkpoints during the pandemic in ways that may help reduce the likelihood of contracting COVID-19.

While security is TSA’s top priority, the health and safety of TSA employees and the traveling public is of utmost importance. TSA remains in close communication with medical professionals, the CDC, and various government agencies as we continue to carry out its security mission during the pandemic.

Here are a few suggestions that TSA Federal Security Directors want to share with travelers who are scheduled to fly during the pandemic.

John Bambury, TSA Federal Security Director for John F. Kennedy International Airport: “You’ve heard it a thousand times—wear a mask. I wear a mask every single day at the airport, which is one of the top recommendations from the CDC. If you’re flying, you should also consider carrying an extra mask so that if the elastic band snaps on your mask, you’ve got a spare one handy. Also, you may want to change into a fresh mask upon arrival at your destination. If you don’t have a mask, the TSA officer at the travel document checking podium will offer you one for free. When you get to the travel document podium, the TSA officer will ask you to remove your mask for just a few seconds to verify that your face matches the ID that you are presenting.”

Scott T. Johnson, TSA Federal Security Director for Washington Dulles International and Ronald Reagan Washington National Airports: “Consider enrolling in TSA PreCheck® because it gets you through the checkpoint conveniently and more quickly than a standard checkpoint lane, making it even more valuable in today’s travel climate. TSA PreCheck passengers spend less time waiting in line and keep their shoes, belts and jackets on during screening and electronics in their carry-ons, reducing overall contact during screening. Travelers in the program also are permitted to leave their 3-1-1 liquids bag in their carry-on bags.”

Gerardo Spero, TSA Federal Security Director for Philadelphia International Airport: “Know before you go. By that I mean that you need to know what is in your carry-on bag before you head to the airport to ensure that you have nothing prohibited with you. Prohibited items such as large liquids, knives, pepper spray, loose ammunition, and other prohibited items result in our need to open your carry-on bag and remove them. This keeps you in the checkpoint for an extra few minutes while one of our TSA officers opens your carry-on to search and eventually remove the item. We want to get you through the security checkpoint efficiently and quickly. Prohibited items slow you down.”

Thomas Carter, TSA Federal Security Director for Newark Liberty International Airport: “The CDC recommends washing your hands frequently. Consider washing your hands before and after completing the security screening process. If it is not possible to wash your hands, please use hand sanitizer. TSA has instituted a temporary exemption from the 3-1-1 rule, that permits travelers to carry up to one 12-ounce container of liquid hand sanitizer per passenger, in carry-on bags. You can also bring individual hand wipes or a large tub of hand wipes with you to help wipe down your hands and even handles of your carry-on bags.”

John C. Allen, TSA Federal Security Director for Yeager Airport: “Do your best to socially distance from others whenever possible. By that I mean, leave some extra space between the traveler in line ahead of you. Take that an extra step back. After you go through the checkpoint scanner, that’s another opportunity to take an extra step back while you wait for your carry-on items along the conveyor belt. Look around, see where you can wait for your carry-on items a little farther away from fellow passengers. Then take your belongings off to the side to put on your shoes, jacket and other items so that you’ve got some extra space of your own to recompose.”

Grant Goodlett, TSA Federal Security director for Baltimore/Washington International-Thurgood Marshall Airport: “If you haven’t traveled in a while, you will notice that TSA has installed acrylic shields in checkpoints in an effort to make the screening process safer for passengers and our workforce by reducing the potential of exposure to the coronavirus. Please don’t walk around these acrylic shields to interact with our TSA officers. The shields have small vents to allow for conversation, questions and answers to be shared.”

[Source: TSA]

Leave a comment criticalinfrastructureprotection, transportsecurity, TSA