Knee Jerk Calls For New Security Rules After The Horizon Airlines Theft And Crash Miss The Point
It doesn’t take much to trigger calls from many corners of America for their politicians and bureaucrats to “do something.”
A slow news day on a Saturday that gives already-pressured 24/7 cable and satellite TV news readers a ton of air time to fill, combined with the in explicable theft and crash of a turbo-prop-powered airline, will do the trick, as it did this past weekend.
Conversely, the shooting of 40 people (17 of whom died) over the weekend in Chicago, the crash of a private plane in Utah by a many released from prison earlier the same day, and the usual deaths of nearly 6,600 people world wide in car crashes over the very same weekend barely registered on the collective national attention meter.
On Friday night Horizon Airlines airport ground worker Richard “Beebo” Russell stole a Horizon Airlines Bombardier Q400 aircraft that seats 70 passengers from a maintenance area at Seattle-Tacoma International Airport. He took it on an improbably impressive joy ride that included loops, barrel rolls and other difficult-to-master aerobatic maneuvers before he chose to kill himself by crashing the plane into a small island at the southern end of Puget Sound. The 24/7 news channels – and the traditional broadcast networks’ news departments – quickly seized upon the dramatic event in the Puget Sound area of Washington State and turned into a huge story while all-but ignoring those other events of the day.
Not surprisingly, by mid-afternoon Saturday supposed “experts” (some of dubious qualifications to be commenting on such a story), politicians and ordinary citizens being interviewed were wondering aloud what security measures failed and what new security procedures must be implemented quickly to keep such a thing from ever happening again?
Most of them apparently didn’t take the time to learn anything about how airport and airline operations and security practices actually work. Had they done so they would have learned that while there can never be a 100% guarantee, it’s a very near-certainty that passengers will never be aboard a plane stolen by a non-pilot airline employee.
But they didn’t bother to learn anything about the subject before calling for leaders to “do something.”
So such calls should be – must be – ignored. Friday night’s bizarre events were of the one-in-a-bazillion variety. Only one other event involving a non-pilot employee deliberately crashing a plane comes to mind, and a repeat of that event would be nearly impossible today.
In 1987 a man named David Burke, who’d just been fired from his job as an aircraft cleaner for Pacific Southwest Airlines for stealing $69 in cash from a plane’s in-flight liquor sales pouch, boarded a PSA flight with a gun, bent on revenge. Once aloft Burke shot five people, including the two pilots, and then deliberately pushed the control yoke forward, toward the ground. He then shot himself before the crash, which took the lives of the remaining 37 others onboard.
Most existing security measures designed to keep guns off planes weren’t in place back then, and because Burke still had his airport-issued security pass, he had the ability to bypass the basic magnetometer screening stations that were used in those days. Nowadays, security passes routinely are yanked the moment an employee is dismissed or quits. And even if that step is missed, employees no longer are allowed routinely to bypass security checkpoints. In nearly all cases they must go through the line like the rest of us, where they’re subject to the same technological and behavioral scans. Thus an employee trying to smuggle a gun through a checkpoint is very likely to be caught either by the machines or by TSA agents noticing his or her unusual behavior (it would take a very, very cool employee, who knows full well that he or she is breaking the law by merely trying to sneek a gun through, to successfully pass through a checkpoint without exhibiting at least a few of the “tells” TSA agents are trained to notice .
Even then, if the employee or ex-employee somehow manages to get a gun or other weapon past security, several layers of security – gate agents, baggage agents, mechanics, pilots and passengers await. All of thosewould be in position to stop any attempted takeover before the cockpit door is closed. And once that hardened door is locked, passengers still serve as a very highly motivated and effective final line of defense.
Now, when it comes to stopping an actual pilot from committing murder-suicide by plane crash, the task would be more difficult. Thankfully, there’s only one confirmed case of that happening, but it is chilling.
In 2015 Andreas Lubitz, a co-pilot for the low cost subsidiary of Lufthansa, incapacitated his captain, took control and purposely crashed Germanwings Flight 9525 in the French Alps in an act of murder-suicide. Its doubtful passengers were aware of anything was going wrong until Lubitz nosed the plane toward the mountains below. And because he had locked behind the impenetrable cockpit door there was nothing the passengers could do to stop him. He and all 149 other people on the plane died. Thankfully since then airports, airlines and regulatory agencies around the world have made, or are in the process of making the necessary changes to laws that will make it very difficult for pilots to keep secret a diagnosis that would automatically disqualify them from flying.
There also are lingering suspicions that a couple of other crashes were the result of pilot-initiated acts of murder-suicide. But those suspicions never have been proved. And in any case, with about 104,000 airline flights a day, every day, worldwide the statistical probability such a thing ever happening again with passengers aboard is infinitesimally small.
Bruce Schneier, the cryptographer and computer security and privacy expert who coined the derisive term “security theater” to describe most of the procedures implemented by the Transportation Security Administration (and mandated by Congress) after the 9-11 terror attacks, highlighted the folly of most airport/airline security measures in a column he penned just last week, before the Russell stone that airplane, in the Washington Post.
He long has argued that amateurs seeking to take down a plane are easily deterred or captured by very basic security defenses but that well-trained terrorists can and do figure out ever-evolving ways to get around or defeat even the most sophisticated security measures put into place over the last 17 years. Yet even Schneier highlighted the fact that these days the final and most effective defense against a non-pilot attempting to take down a plane from the inside comes from the passengers themselves.
“I’ve repeatedly said that the two things that have made flying safer since 9/11 are reinforcing the cockpit doors and persuading passengers that they need to fight back. Everything beyond that isn’t worth it,” Schneier wrote.
“It’s always possible to increase security by adding more onerous — and expensive — procedures,” he added. “If that were the only concern, we would all be strip-searched and prohibited from traveling with luggage. Realistically, we need to analyze whether the increased security of any measure is worth the cost, in money, time and convenience.”
So the knee-jerk calls since Saturday to “do something” to stop some future airline employee from steeling an empty airplane and killing himself alone in it are miss the point of air travel security. Many ground employees employees, like Russell, are by definition cleared to be in secured airport operating areas and must have access to airplanes in order to do their jobs.
And any security measures designed to catch disturbed ground employees before they act would be very expensive and time-consuming (if not impossible, given the nation’s relatively small number of degreed and licensed industrial psychologists who could do that type of screening). Such screenings also are just as likely to be defeated. Indeed, from what we know so far about Russell he almost certainly would have passed any such mental health screening.
Luckily, such additional security screenings aren’t necessary to save passengers lives. Had that Horizon Air plane been parked at a terminal gate Russell never would have been able to steal it, let alone fly and crash it. The flight crew and various other employees are certain to have fought strenuously keep Russell or any other unauthorized person from gaining control of a plane. And in this post 9-11 world it’s also a very good bet that passengers themselves, had any been there, would have fought ferociously if someone somehow had overcome the crew and other employees in an effort to steal their plane .
As it is, Horizon, a subsidiary of Alaska Airlines, lost an expensive airplane, but nothing else. And the plane’s insured. But there was no security failure in this event. The security measures in place today are aimed at protecting passengers, not planes.
While there’s a lot of security measures that, as Schneier argues, are merely for show, the two lines of defense that actually are effective – the hardened cockpit door and the passengers themselves – were never brought into play in this incident because no people beside Russell were aboard that plane.
So this time, politicians, airport mangers, and airline executives should resist the demands to “do something.” In this case the right thing to do is nothing.
Online Degrees & Certificates In Cybersecurity
American Military University's online cybersecurity programs integrate multiple disciplines to ensure you gain the critical skills and management practices needed to effectively lead cybersecurity missions – from government or private industry. Learn from the leader. American Military University is part of American Public University System, which has been designated by the National Security Agency and the Department of Homeland Security as a National Center of Academic Excellence in Cyber Defense Education.