Insider: what do you do when the call is coming from inside the house?

The insider threat is not a new one to the aviation industry, but are we doing enough to counter this all too familiar enemy? Jeffrey C. Price and Lori Beckman discuss the idea of a ‘culture of security’ among airport staff and analyse how effective identity card management and employee screening on the ground could reduce our vulnerabilities in the skies.

The 1979 horror movie When a Stranger Calls includes one of the most terrifying moments in movie history – when the victim discovers that the murderer who has been terrorising her all night is already in her house. Realising someone has penetrated our security measures, and is among us, is also one of the most terrifying forms of attack.

However, while one movie can represent the frightening nature of a threat, another may actually provide the answer. In the 1995 movie Casino, actor Robert DeNiro explains how casino security works:

“In Vegas, everybody’s gotta watch everybody else. Since the players are looking to beat the casino, the dealers are watching the players. The box men are watching the dealers. The floor men are watching the box men. The pit bosses are watching the floor men. The shift bosses are watching the pit bosses. The casino manager is watching the shift bosses. I’m watching the casino manager. And the eye-in-the-sky is watching us all.”

Over the last few years we have seen a growing number of stories about aviation insiders carrying out illegal activities, from bag theft by airline and security personnel, to the transportation of narcotics and weapons by baggage handlers, screening personnel and, in some cases, even air marshals. But insider threats to aviation are not new.

The history of aviation terrorism is filled with numerous attacks where insiders either committed the attack, or were instrumental by providing access, materials or support. To a certain extent, even the 9/11 attacks had an insider element since the hijackers were trained by US flight training companies.

Drug smuggling in commercial and general aviation aircraft is a 46-year-old practice in the United States, ever since the passage of the Controlled Substances Act, which made many narcotics illegal to possess, use, distribute or transport. Aviation is still used to smuggle drugs, but also is a common method of transporting weapons, cash, victims of human trafficking, and stolen goods. Criminal acts however, present another challenge to aviation security, as someone who is already corrupt and using aviation to smuggle illicit goods may be more susceptible to being blackmailed into bringing more dangerous items on board, or may not even know what or whom they are smuggling. A baggage handler, who has been smuggling drugs on airliners for years, may not realise that the last suitcase they loaded on board did not contain drugs at all, but rather a bomb meant to bring down the flight.

Some of the most notorious terrorist attacks in the 1980s were facilitated or caused by aviation insiders. In the hijacking of TWA 847 in 1985, catering crews smuggled guns and grenades onto the flight so that the hijackers could clear security screening. In 1987, an airline employee who had just been fired brought down PSA Flight 1771; he was able to get a gun past the screening area because his airport access badge had not been confiscated and, at the time, employees were not required to go through screening when in possession of their identification badge. Then in 1994, a FedEx employee, who was also having personal issues, unsuccessfully attempted to seize control of a flight from his co-workers and pilot it into the ground.

Recent insider involvement in acts of aviation terrorism may include the bombing of two Russian airliners in 2004, where airline ticket agents were bribed as the suicide bombers did not have the proper identity documents, and, in 2015, the possible bombing of a Russian airliner over Egypt, in which a bomb may have been placed by an airline employee. Even the most recent incident, this February, involving Daallo Airlines in Somalia was probably effected using insiders.

While bringing bombs onto aircraft, or bypassing security measures to hijack an aircraft, or committing a crime, are traditional methods of insider attack, new threats are on the horizon. In 2011, a former British Airways worker was convicted on four counts of preparing acts of terrorism. Inspired by the preaching and teaching of al Qaeda’s late propaganda minister, Anwar Al-Awlaki, Rajib Karim, a software engineer, told Al-Awlaki he had access to British Airways servers and could erase all data, causing massive flight disruptions and huge financial loss for the airline.

The solution to the insider threat lies in a layered system that includes creating a security culture, implementing effective employee credentialing standards, including methods for observing and assessing employee behaviour, and implementing random inspections to increase the likelihood that criminals or terrorists are caught.