NEWS

Anatomy of a Security Breakdown

By Matthew Harwood

President Barack Obama yesterday declared that a failure to appropriately share intelligence information allowed a 23-year-old Nigerian jihadist to board an airliner from Amsterdam with explosives, which he tried to detonate on the flight's approach to Detroit.

Umar Farouk Abdulmutallab, which officials now believe has ties to al Qaeda in the Arabian Peninsular, an al Qaeda franchise in Yemen, could have killed nearly 300 passengers on Northwest Flight 253 if his attempt to detonate the explosives strapped to his leg was successful.

Speaking at the Kaneohe Bay Marine Base in Kaneohe, Hawaii, close to where he is vacationing, Obama said, "But what's also clear is this:  When our government has information on a known extremist and that information is not shared and acted upon as it should have been, so that this extremist boards a plane with dangerous explosives that could cost nearly 300 lives, a systemic failure has occurred.  And I consider that totally unacceptable."

The president also said he had ordered reviews of the U.S.'s terrorist watch list and its air travel screening.

As new details of failed attack are continually reported, a clearer picture has emerged of multiple security failures and holes that allowed  Umar Farouk Abdulmutallab to board the first leg of his flight from Lagos, Nigeria, to Amsterdam and then board his connecting flight to Detroit.

WARNING SIGNS: In November, Abdulmutallab's father—a prominent Nigerian banker— contacted the U.S. Embassy in Nigeria to help him find his son who had disappeared into Yemen and warned U.S. authorities that his son had become radicalized with jihadist views, according to ABC News.

Abdulmutallab's name was placed onto the broadest U.S. terrorist watchlist, reports The New York Times, that contains 550,000 names. It was not, however, placed on the smaller "selectee" list that results in secondary screening or the smallest "no-fly" list that bars a passenger from boarding the plane.

Critics say that the State Department should have revoked Abdulmutallab's visa, but the State Department said it cannot do so until it hears from the National Counterterrorism Center (NCTC). The Washington Independent's Spencer Ackerman adds other layers explaining why the State Department did not revoke Abdulmutallab's visa:

Taken together, all that means in practice that State Department officers were not going to revoke Abdulmutallab’s visa. That visa was issued in June 2008, long before anyone had any suspicions about him, and good until June 2010. Making matters more complicated, Abdulmutallab got his visa in London, but it was U.S. embassy officials in Abuja who learned about the threat he posed after his father warned them in November. They entered him into TIDE. The issuing consular office might very well not have known about it. Absent a determination from NCTC that didn’t occur, no one in the State Department was going to yank the visa. And if some clever consular officers decided to skirt the rules, they would still have to alert Abdulmutallab to the revocation — and hope they didn’t tip him off to the fact that U.S. authorities were monitoring him.

INFORMATION SHARING: The New York Times also reported yesterday that U.S. intelligence had information that al Qaeda operatives in Yemen were talking about "a Nigerian" they were preparing for a terrorist attack. That information, however, was not shared.

A point the president addressed yesterday, "Had this critical information been shared it could have been compiled with other intelligence and a fuller, clearer picture of the suspect would have emerged. The warning signs would have triggered red flags and the suspect would have never been allowed to board that plane for America."

An intelligence official confirmed this, telling the Times that had all the various information had been shared among agencies, the U.S. could have pieced together that Abdulmutallab was the "Nigerian" in question.

Another intelligence-sharing intelligence failure occurred between Great Britain and the United States, reports The Daily Telegraph. In May, the British denied Abdulmutallab a student visa because he listed a college that did not exist. That information, however, including his fingerprints, was not shared with U.S. intelligence, the paper reports because of strained relations between U.K. and U.S. intelligence.

AIRPORT SCREENING: ABC News also reports another signal that should have raised suspicions about Abdulmutallab: He paid for his flight in cash and traveled without luggage.

The alleged Nigerian terrorist also did not undergo a full body scan before boarding his connecting flight at Amsterdam's Schiphol  Airport, ABC News reports after speaking with airport officials, because the airport has not received clearance from the U.S. to use such screening devices on U.S.-bound passengers.

Full body scans, which can detect non-metallic items on passengers, have met with resistance from civil libertarians and privacy advocates because the technology uses "low frequency radio energy in millimeter form" that allows screeners to see underneath a traveler's clothes to check for contraband.

Schiphol officials said Abdulmutallab did walk through metal detectors, which could not identify the high explosive known as PETN that he was sewn into his underwear.

In reaction to the failed terror attack, CNN.com reports the Dutch Interior minister today announced Schiphol will screen all U.S.-bound passengers with full body scans within three weeks.


♦ Photo by virtualpilot88/Flickr

Comments

Anatomy

Nice work Matthew,

 

Unfortunately this near miss looks very similar to many of the bull's eyes we've observed over the past dozen years. We will almost certainly continue to see systemic failures until we stop addressing symptoms and deal with the complex adaptive system that is the U.S. Government, how it functions dynamically, and how humans and their agencies defend against either accountability or improvement.

Some recent articles that may be of interest:

Systemic failure requires new holistic cure

http://kyield.wordpress.com/2009/12/30/systemic-failure-requires-new-holistic-cure/

 
How to prevent the Fort Hood tragedy, by design.
http://kyield.wordpress.com/2009/11/23/preventing-the-next-fort-hood-tragedy-by-design/

Another paper written in laymen's language is a use case scenario developed specifically for the DHS:
http://www.kyield.com/images/SCENARIO_3-_Roger_the_maintenance_man_at_the_hydro_dam.pdf

 
Mark Montgomery
Founder
Kyield

View Recent News (by day)

 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.