Finding meaning or solace in the Germanwings tragedy may prove elusive. We should, however, use this horrifying moment to reflect on whether there are lessons here that could enable us to make corrections in our security strategy. I think that there are at least three points highlighted by this tragedy that are worthy of consideration:
- Detecting evil intent before the evil action begins is extremely difficult
- Counter-measures designed to stop an attack in progress are less effective than those aimed at disrupting a plot before it is operational
- Independent, overlapping layers of security are essential in stopping attacks from unexpected directions
It is not clear yet where the Germanwings crash fits in the taxonomy of “safety” versus “security” incidents; the pilot’s motives are simply not known. But we can imagine the same scenario — one person at the controls, locking everyone else out — playing out with a terrorist in the cockpit and a major city as the crash site. The “safety” mitigation measures here are robust and long-standing. Pilots are carefully vetted and assessed by civil aviation authorities, their airlines, and co-workers. In this case, that was not enough. The “security” measures didn’t do any better in stopping this incident, as the reinforced cockpit door, of the type adopted after 9/11, worked as an unintended hindrance.
Obviously, we all want to trust our pilots; and, of course, in the vast majority of circumstances we can. But we also know that is exactly those “trusted” nodes in our security systems that make us most vulnerable when they don’t act the way we expect them to. The Germanwings tragedy puts this fact directly in front of us.
It is not enough to scale-up background checks to combat insider threats. Pre-9/11 security clearances and law enforcement checks were heavily based on the idea of prior performance predicting future activity. Today’s terrorist or mass murderer knows full well that we still hold to that premise. We can pretty much assume that attacks today will be delivered by people who can and have passed background checks. We do not understand ahead of time what drives people to commit acts of mass violence or terrorism, therefore we cannot isolate the traits that reliably predict them.
What do we do against an enemy whose intent remains invisible until it’s too late? Layers of security that act independently from each other are where we need to concentrate. We must continue our investment in intelligence and all the systems that work together ahead of time that might highlight an anomaly — whether it be psychological screening of pilots and crew or behavioral detection at the airport and on the plane. Teamwork among employees, companies, families, authorities, and passengers is the key. The answers involve people, not more hardware or technology.
One layer of security now under pressure at home is the Federal Air Marshal (FAM) program. Misbehavior by some in the FAM program and a buzz about various personnel grievances do not take away from the fact that FAMs represent the most effective and flexible weapon in TSA’s toolkit. If the equivalent of a FAM team was aboard the Germanwings plane, would the result have been different? Maybe. The point is that FAMs, working undercover in airports, boarding areas, and on flights provide a layer of security that is unmatched as far as stopping unexpected attacks while they are unfolding. VIPR teams, where FAMs are very visible, operate thousands of missions a year throughout the transportation system — again, disrupting a planner who thinks that any part of the network is uncovered. Fix the program, but let’s stop talking about diminishing the role of Federal Air Marshals.
Our security risk environment is at an all-time high. Just because the Germanwings tragedy may not be a classic “terrorist” attack, we should not dismiss it when it comes to evaluating our security framework. We can, and should, take it as a warning and heed its lessons.