Monday, April 30, 2007

Review: FDNY Terrorism and Disaster Preparedness Strategy

I've had a chance to read the entire FDNY Terrorism and Disaster Preparedness Strategy (html | pdf) and I have found a lot to like.

When I reviewed the FDNY's general Strategic Plan in February, it was not clear to me how serious the FDNY was in its intention to collaborate with other agencies to manage risks. Building collaborative relationships among various agencies is vital because it has real-world effects. For example, better coordination between agencies on 9/11 could have saved lives - i.e., if FDNY had been able to get the message from police helicopters that the support beams of the Twin Towers were buckling.

Even so, communication during the response is only the half of it.
Agencies must collaborate and share information to prevent potential acts of terrorism as well.

After reviewing FDNY's terrorism-specific plan, I'm persuaded that FDNY is serious in its efforts to proactively collaborate and share information, and to use its unique capabilities to recognize threats. From a strategic perspective, the FDNY has developed an excellent model for involving firefighters in a collaborative effort to prevent terrorism and mitigate its effects.

Early on, FDNY makes its intentions clear:

[Defining and assessing] FDNY's role in the homeland security network involves evaluating the outcomes of actions taken to reach these preparedness goals and finding new and better ways to work collaboratively with security partners.

The FDNY has many crucial responsibilities in homeland security. This Strategy is designed to help members fulfill those responsibilities and work with all homeland security partners to enhance terrorism and disaster preparedness for the Department, the City and the nation.
To improve its response capabilities, FDNY is trying to address the information-sharing problems that plagued the response to 9/11:
Network-centric command is an information-sharing framework that integrates voice, video and data information from multiple internal and external sources. … This information comes from FDNY databases, imaging libraries and field units, as well as from other City, State and Federal agencies, the private sector and the media.

The FDNY's newly designed and substantially upgraded Fire Department Operations Center (FDOC) serves as the hub for the Department's network-centric command system and interoperable communications capabilities. Additional components [include] network connections to the Department of Homeland Security (DHS), Federal Bureau of Investigations (FBI), New York City Police Department (NYPD), New York City Office of Emergency Management (OEM) and other City, State and Federal agencies.
These are useful tools during the response to an incident. But even more impressively, FDNY is also focusing on building better relationships with other agencies in advance of incidents, to promote prevention and preparedness.
The FDNY has worked steadily toward increasing the ability to interface with other local, State and Federal emergency management, intelligence and law enforcement agencies to collectively enhance prevention and preparedness through the rapid and comprehensive exchange of information.

The FDNY will continue to work with security partners to fill the significant information-sharing gaps that exist. … Additionally, the Department has liaisons with the NYPD and the FBI. Several members of the BFI also serve on the JTTF. These important connections help inform the Department's leaders of current threats the FDNY must prepare for, as well as how the Department can better contribute to the City's preparedness efforts.

The FDNY also is working with the DHS Office of Intelligence and Analysis to establish a direct information conduit between the FDNY and DHS.
Perhaps most impressively, FDNY envisions that its "prevention" mission has evolved. It is involved not just in fire prevention, but in terrorism prevention. This is a vitally important new mindset:
The events of 9/11 … prompted the Fire Department to see prevention on the same level as consequence management. And, like fire prevention, terrorism prevention is a role of the FDNY that needs to develop and grow.
The key to FDNY's prevention efforts is sharing information:
The FDNY [has] recognized that the Department could help to fill some of these [information] gaps by contributing to local intelligence-gathering efforts. When routinely shared with intelligence and law enforcement agencies, the information gathered by FDNY personnel could make a significant contribution to existing intelligence and lead to the identification and disruption of terrorist activities.
And FDNY rightly knews that it has access to information that others do not:
Terrorism-related information can be gathered by the FDNY in many ways. During the course of routine building inspections, arson investigations and the response to fires and medical emergencies, FDNY personnel have unique access to homes and buildings that generally are concealed from outsiders. For example, the FDNY conducts frequent building inspections, system testing and safety and evacuation plan reviews throughout the City.

The FDNY's information-gathering potential is substantial. Each year, FDNY units make approximately two million fire, medical and other emergency responses and 300,000 building inspections.

FDNY personnel also may observe characteristics – materials, equipment, literature, etc. – during their normal response operations that would indicate a threat of terrorist activity.
Because it has unique information-gathering capabilities, FDNY intends to be an active partner in recognizing threats and acquiring intelligence:
In reaction to information gathered and based on the type of intelligence received, the FDNY can increase inspection activity to assist in detection or strategically locate additional resources to act as a terrorism deterrent.

Collectively, this respresents an incredible opportunity for FDNY personnel to be what the President has labeled the nation's "First Preventers" – first responders who are able to recognized tell-tale signs of danger to homeland security, report the suspicious activity and preserve the scene until the proper authorities arrive.
To discuss the potential power of this approach, I'd like to specifically focus on one type of inspection/detection activity that FDNY mentions in its plan. This exemplifies a number of concepts that I've written about in the past week or so.

As I've discussed in a couple of recent posts, DHS has plans to install arrays of radiation detectors in all
major cities.

That's fine, but as I've argued, it's essentially just a passive "net" of equipment. Such a system should be just one of a number of systems to prevent radiological threats.

Now let's consider how the FDNY intends to supplement the passive-detection system:

The hazardous materials monitoring equipment carried by every Fire Department unit can detect radiation and potentially lead to the discovery of materials intended for use in a dirty bomb attack.
This is a much more robust detection regime. It's one thing to have a network of radiation detectors silently watching the city
like an army of HAL-9000s. But how much better is it to supplement those passive detectors with an department of firefighters who carry radiation detectors with them and are trained to identify the precursors of terrorist activity - or in Bruce Schneier's word, to recognize what's "hinky." The passive system is now supplemented by a much more active system.

To their great credit, FDNY is training its personnel to recognize the precursors to terrorism:
The FDNY currently is developing a training program to provide personnel with the skills they need to be optimally effective in identifying and reporting suspicious materials, activities or symptoms.

The Department has institutionalized counterterrorism training into the standard emergency response curriculum for all personnel.
There's more, though. Recalling that "threat" is only one aspect of risk, FDNY correctly acknowledges that it can bring a unique perspective on the other aspects of risk: vulnerability and consequence:
While law enforcement generally examines structures from a security perspective, the Fire Department provides another dimension of knowledge by looking at the same structure from a vulnerability and consequence management point of view. When fire personnel conduct building inspections or perform a size-up of an incident, they observe those characteristics that would profoundly affect a building's vulnerability to attack and the likely associated consequences of an attack …
In summary, FDNY has created an excellent strategic plan that incorporates many of the foundational elements of prevention. It's really good stuff and a good model for any fire department.

Update #1 - 2007-05-01: A recent incident on a New York highway, involving an NYPD officer, illustrated the benefits of putting radiation detectors in the hands of homeland security professionals, as Newsday reported:
A counterterrorism officer was driving to work near Coney Island on April 27 when a radiation detector alerted him to a possible problem.

The officer, Lt. Steve Donahoo, "got a positive reading from the car that was next to him," said Police Commissioner Raymond Kelly.

It turned out to be a false alarm: The Mercedes sport utility vehicle was carrying an engineering tool that uses a small amount of radioactive material to measure soil density. But the episode demonstrated how the New York Police Department has turned to hand-held radiation detectors in hopes of foiling any plot to detonate a so-called dirty bomb.

In recent years, the nation's largest police department has quietly deployed more than 900 of the five-ounce detectors, which are roughly the size of an MP3 player and cost at least $1,000. The devices are sensitive enough to differentiate between harmful, artificial isotopes and naturally occurring, innocuous ones, police said.

Officers typically wear the detectors on their belts like pagers while on patrol. The devices emit an alarm that intensifies as they get closer to the source.
Putting detectors in the hands of professionals provides a blend of technology and human expertise. That's a powerful combination, especially when information is shared among a network.

Update #2 - 2007-05-01: Here is another thought on using fire department personnel to gather intelligence on potential threats:

Although the concept of having fire department personnel collect and share information with other agencies is an excellent means of identifying potential terrorist threats, it will be important for the FDNY to define its mission carefully and stick to identifying terrorist threats.

The FDNY must avoid "mission creep." Firefighters should not become a reconnaissance arm of law enforcement, because doing so might jeopardize the public's trust in the fire service.

If they stick to terrorist threats, they should be fine. If their mission expands, then there could be problems.

Cross-posted in IPS Blogs at the Institute for Preventive Strategies.

Friday, April 27, 2007

See Something, Say Something?

Bruce Schneier wrote an interesting post yesterday on the relative usefulness - or uselessness - of citizen reporting of suspicious activity: the "See Something, Say Something" paradigm.

He argues that without proper training, peoplw who report suspicious activity will typically send investigators down false trails. But with training, reporting improves substantially:

People trained to be alert for something hinky will do much better than any profiler, but people who have no idea what to look for will do no better than random.
It seems to me that what he's really doing is focusing on the right question. In the aftermath of any terrorist incident or serious crime (e.g., Virginia Tech), there is a tendency to ask:

"What kind of person would do this?"

While that's an interesting question for cable news hosts and pop psychologists to chew over, it's not the most useful question for prevention efforts. Focusing on "the kind of person" can lead to all sorts of errors of misperception, especially to an untrained or minimally trained eye:

A much better question is:

"What are the precursor activities that indicate the potential for crime or terrorist activity?"

Identifying those activities provides much better - and much more objective and defensible - evidence that someone may be up to no good. It seems to me that Schneier's description of "hinky" is really about making that crucial distinction.

Cross-posted at the Institute for Preventive Strategies.

FDNY's New Terrorism-Specific Strategic Plan

As an extension of its general strategic plan, released earlier this year, the Fire Department of New York (FDNY) has released a terrorism-specific strategic plan. I'll have more info after I've had time to read the new strategy, but NY1 reports:

The FDNY released its first-ever Terrorism and Disaster Preparedness Strategy Wednesday, outlining how the department can improve their response to terrorist attacks and large-scale emergencies.

The plan also focuses on improving information-sharing between city, state, and federal agencies to help prevent attacks, increasing hazardous material training, and making risk assessments on key locations around the city.
For reference on the FDNY's general strategic plan, see this post from February.

Impacts of New DHS Chemical Facility Security Rules

The chairs and ranking members of the House and Senate committees on Homeland Security (Joe Lieberman, Bennie Thompson, et al) recently received some info on the impacts of the new DHS rules for chemical plant security. Here are a few brief notes:

How many facilities are affected, and what's the cost?

DHS estimates the costs to be $3.6 billion over the period 2006-2009 and $8.5 billion over the period 2006-2015. DHS estimates that between 1,500 and 6,500 chemical facilities will be impacted by this interim final rule and uses the estimate of 5,000 impacted facilities to generate the cost estimates. According to DHS, this interim final rule gives chemical facilities considerable flexibility...
What's the effect on small facilities?
DHS estimated that as many as 41 percent of the chemical facilities impacted by this rule could be small entities. DHS concluded that this interim final rule may have a significant economic impact on a substantial number of small entities.
What's the added burden on state and local governments?
According to DHS, it does not have enough information regarding the specific facilities that will be required to comply with the interim final rule to conclude whether this interim final rule will impose an enforceable duty upon state, local, and tribal governments of $100 million or more. DHS has concluded that this interim final rule may impose costs on some municipalities, but DHS does not know the extent of the financial impact.
It will be interesting to watch the effects of these new rules as they go into effect.

Cross-posted at the Institute for Preventive Strategies.

Pandemic Flu: An Argument for Excess Capacity

Today, Effect Measure examines how the traditional economic model of supply-and-demand is affecting preparedness for pandemic flu. The maker of Tamiflu - one of the only antiviral drugs that's effective against H5N1 flu symptoms - is cutting back on production:

Roche is now planning to cut production of its antiviral Tamiflu because, they say, supply is exceeding demand...
Roche defends its actions by saying that it is simply responding to market forces. The current non-pandemic market for Tamiflu does not justify increased production.

But is a traditional market the appropriate model for catastrophe preparedness? The folks at Effect Measure argue it's not, because excess capacity is required if we are to quickly respond to the initial waves of pandemic flu:
How long would it take them to restore full capacity? Four months ... So this isn't "speedy," and even when running full blast, supply wouldn't meet need. In such circumstances supply has to greatly exceed demand. It's not economically efficient. Neither is a pandemic. So we need to go outside the market mechanism. Just like the vaccine situation.
How far outside the market mechanism to go is a question for political leaders. But developing excess capacity is clearly required in some situations.

In terms of the current state of preparedness, a lack of excess capacity is not just relevant to antiviral drugs. In the event of a flu pandemic, there will be a lack of personnel and resources. As the American Public Health Association recently pointed out. (My post is here.)
[I]f staffing levels remain stagnant, the current health care workforce cannot be depended on in event of a flu pandemic.
The problem doesn't stop with personnel. We also don't have enough beds, as the Trust for America's Health reported late last year. (Also see my post.)
Half of states would run out of hospital beds within two weeks of a moderately severe pandemic flu outbreak.
Along with a shortage of healthcare personnel and physical resources, there will be no vaccine - and a shortage of other medicines, as the CDC recently pointed out in its interim guidelines for community flu preparedness. (My post is here.)
It is highly unlikely that the most effective tool for mitigating a pandemic (i.e., a well-matched pandemic strain vaccine) will be available when a pandemic begins. This means that we must be prepared to face the first wave of the next pandemic without vaccine and potentially without sufficient quantities of influenza antiviral medications.
For local preparedness professionals, collaborating and sharing information with public health agencies, healthcare providers, business leaders, etc. is critical.

Planning resources are available. For instance,
the list of all State pandemic flu plans can be found here, and a local planning checklist is here.

Update 04-27-2007: Here's a bit more information from a recently released GAO report on public health preparedness.

First, late in 2007 the CDC plans to publish an updated report on the status of public health preparedness:
CDC plans to issue a report by the end of 2007 providing a “snapshot” of the progress recipients have made in building emergency readiness capacity and addressing how CDC will measure capability in the future.
The Health Resources and Services Administration (HRSA), which focuses on hospital preparedness, is not certain when more information will be available:
HRSA officials said that decisions about whether to issue a report in 2007 on recipients’ progress had not been made.
Also, for formality's sake I'm using the wrong term. "Capacity" is out; "capability" is in:
Early in a program, performance measurement systems can focus on measuring capacity, such as equipment and supplies purchased and personnel hired. As programs mature and more data and scientific evidence are available, performance measurement systems can focus more on measuring capabilities, such as whether personnel are trained and can appropriately use equipment and supplies.
This is more consistent with the Interim National Preparedness Goal and draft Target Capabilities List.

Cross-posted at the Institute for Preventive Strategies.

Tuesday, April 24, 2007

More on Radiation Detection

An update on last week's post on radiation detectors.

GovExec reports that the Domestic Nuclear Detection Office (DNDO) wants to go ahead with deployment of next-generation Advanced Spectroscopic Portals (ASPs). The tests aren't complete, but DNDO feels like it has enough information to go forward:

Heartened by recent test results in Nevada, the director of the Domestic Nuclear Detection Office said he expects to recommend next-generation nuclear detectors be cleared for deployment in July.

The detection office, a division within the Homeland Security Department, is about halfway through a test run of new radiation detection technology at the New York Container Terminal in Staten Island. The detectors have already undergone testing at the Energy Department's Nevada Test Site.

While DNDO Director Vayl Oxford declined to describe the results of the February and March tests in any detail, he characterized the results as positive. "We are very optimistic that when we go to [Homeland Security Secretary Michael Chertoff] this summer he will give us permission to go to production," Oxford said.

A GAO report said Oxford's office should systematically compile test data on the existing monitors to fully understand their benefits and limitations before making the multibillion dollar investment the deployment plan requires.

Regarding the recommendation to compile testing data, Oxford said, "That's a prudent thing to do."
For the record, it's a $1.2 billion project. And the "prudent" comment is a bit odd. As I read it, Oxford is saying it's prudent to compile testing data before making the deployment decision - but he's planning to deploy without doing so anyway?
He added, however, that "some of that test data we've already looked at, and I'm not sure it's relevant to the decision we're making."

Even as the office works to enhance the nuclear detection network at the nation's borders and ports, DNDO officials are enlisting help from outside experts and the intelligence community to probe gaps in the system. In some cases, that includes testing the systems and detectors by having people trying to smuggle real nuclear material. Tests with mock terrorists have already begun, said Huban Gowadia, the detection office's assistant director for assessment.
I'm not an technical expert on radiation detection, so I can't say whether DNDO is making a sound technical decision. But a detection system, no matter how robust and no matter how many concentric rings it contains, should be only one system among a number of systems to prevent and mitigate radiological incidents.

It's worth remembering that only a fraction of the potential radioactive sources are legitimate threats for "dirty bomb" use, combining the high levels of radioactivity, long half-life, and sufficient quantity to be a realistic threat (source). Controlling radioactive sources is obviously important.

Other steps are also necessary. To mitigate the fear caused by a dirty bomb, communication would be vital. Recalling the DoD's estimate that no one would be killed by radiation in a 100-pound dirty bomb attack (source), it's not difficult to infer that a primary impact of such an attack would be fear.

In the case of a radiological attack, healthcare resources could be overwhelmed if there were a large number of "worried well." That's a contingency that should be prepared for. It's also possible that there could be a lot of refugees from the affected area.

At the most basic level, anyone involved in the response to a radiological event should be aware of who would respond. The list is long and involves a lot of agencies that local first responders generally do not work with (e.g., DoD assets, the National Nuclear Security Administration, etc.). Simply understanding the response structure is a simple first step.

One last thought on the DNDO news: The GAO argued that, since state and local governments will be making the buying decisions for radiation detectors within their jurisdictions, DNDO should provide better information about the detection equipment. DNDO responded with what I perceive to be a rather bland platitude:

The [GAO] report also recommends the office provide state and local authorities with information on radiation detection technologies to help them make more informed purchasing decisions.

"We strongly agree with this statement, as the DNDO feels that bolstering preventive [radiological and nuclear] detection capabilities within the domestic interior is an essential part of our nation's defense," the detection office wrote in response.

It's nice to hear this, but it's not clear what DNDO is proposing to do about it.

Updated 2007-04-30: This is a couple of weeks old, but Reuters has reported that the U.S. is giving radiation detectors to Mexican ports:
The United States will donate radiation detectors to Mexico and help install them in busy sea ports to prevent a terrorist attack with a "dirty bomb" or other radioactive material.

The U.S. Department of Energy will provide equipment and train customs officers at major ports on the Pacific and Gulf of Mexico coasts, Mexico's Finance Ministry said.

Mexico increasingly receives cargo ships from Asia destined for the United States. Cargo is unloaded in Mexico and transported by land to its northern neighbor.

The detection equipment will be installed in Manzanillo, Lazaro Cardenas, Altamira and Veracruz, ports that account for 92 percent of the Mexico's maritime trade.

The first set of equipment should be installed and working by the end of the year, the ministry said.

What Chertoff Said

DHS Secretary Michael Chertoff said a few things worth noting in a recent speech to the Sacramento Chamber of Commerce. Mostly it's stuff he has said before, but it's good every once in a while to take note of what the guy in charge is saying. So...

On public/private collaboration:

[Emergency preparedness] has to be a public/private partnership because most of the assets and employees which are threatened in any situation, whether it's a potential terrorism attack or a natural disaster, most of those assets and employees are in private hands. ... And therefore, this is really an area where partnership is very important.
On risk management:
[I]n this world, you cannot eliminate risk. ... What we have to do is manage risk.

What do we mean by risk? Well, we look at three things. We look at threats, we look at vulnerabilities, and we look at consequences. We try to weigh where the threats are, where we are most vulnerable, and, perhaps most important, what would the consequences be if a particular threat came to pass.
On viewing security as an investment, rather than a cost:
[T]here is a very important business case to be made with respect to investments in homeland and national security. After all, a good part of what you need to do when you invest your resources in producing economic activity is to protect your investment. You've got to protect your assets, you've got to protect your employees, you've got to protect your business processes and your good will.

And therefore, investment in protection of infrastructure or people against all kinds of threats is very much at the core of your business mission, and that's why I think there is a real confluence of objectives here between government and its responsibility to protect the country, and you as business leaders in your obligation to protect your own investments.
On rail security:
[W]e have focused on the most significant risks to our rail transportation system. One of those is the risk of transportation of hazardous chemicals ...

At the end of last year, we issued a proposed regulation that will require major railroads to improve the monitoring of rail cars that carry toxic inhalation chemicals. Rail companies have to make sure these cars are not left unattended in rail yards, especially where they are near major cities or population centers. They have to be able to track the whereabouts of these cars at all times, and then they have to put these rail cars on the safest, economically practicable routes.

This regulation also illustrates another key element of the way we approach these problems, because it was developed working in partnership with the rail industry and the chemical industry at every step of the process, so that we did have a fair, intelligent and not hysterical risk-based strategy. We didn't simply propose these regulations unilaterally.
This is a pretty sunny summary. Actually, the rules on chemical plant security are quite contentious. (See these posts). And DHS still needs to complete a comprehensive risk assessment of the rail sector. (See these posts.)

The new rules are great for tracking the location of hazardous chemicals on the rails, but railroad companies have only five minutes to share this information with DHS. When local authorities get the information is a different question - and perhaps a more important question, given that local first responders are the ones who have to deal with any incident. And a lot of local communities need better information and preparation regarding their local rail risks. (See this post.)

On emergency preparedness:
[U]nder our National Infrastructure Protection Plan, which is how we work with the private sector to decrease the vulnerabilities in private sector infrastructure, we're developing specific plans to heighten protection for infrastructure in areas like agriculture, drinking water facilities, and dams.
Well, yes. But based on these comments, you'd think the process was smooth and remarkable only for its exemplary collaboration between the public and private sectors. But it hasn't really been that smooth, in part because DHS needs to do a better job of collaborating with the sectors. (See these posts for full details, but here's a notable quotable: "...a lack of trust in DHS and fear that sensitive information would be released are recurring barriers to the private sector’s sharing information with the federal government.") So the plans are getting put into place, but DHS does need to do a better job of listening to its public sector partners.
[P]reparation in advance for the unthinkable, gives you a leg-up in being able to respond when the unthinkable actually comes to pass.
No argument there. Nicely said.

Philosophically, I think Chertoff's emphasis on managing risks, working with private sector partners, and imagining the unimaginable is on target. The sticky parts come when you try to implement policies. Resistance and lack of trust can gum up the best laid plans. That, I think, is DHS' biggest challenge.

U.S. Chlorine Tank Thefts

There are some eyebrow-raising developments in the chlorine-bomb threat. Nothing is certain, but the signs tend to point one way. From USA Today:

The Chlorine Institute, a trade group that represents more than 200 companies that make and distribute chlorine, recently alerted the FBI to several thefts or attempted thefts of 150-pound chlorine tanks from water treatment plants in California.
There is no intelligence indicating such an attack is imminent or that terrorists have stolen any chlorine from the nation's chemical or water treatment plants, which use chlorine to purify drinking water.
And yet...
Robert Stephan, Homeland Security's infrastructure protection chief, says department officials are briefing bomb squads, urging plants to tightly guard their chlorine supplies and sharing photographs of unexploded truck bombs with police chiefs.
This is the definition of a predictable surprise. The indications have been there for months. Local homeland security professionals would be wise to share information on this threat and ensure that stocks of chlorine (and other dangerous chemicals) are secured and that they're prepared to respond to any sort of chemical event.

Friday, April 20, 2007

Local First Preventers

To extend the thoughts in the previous post on preventing jihadist recruiting, it's easy to say that we should intervene to stop radicalization and recruitment into terrorist causes and organizations. But how to do it?

An excellent summary of how to enact local prevention efforts was published a few months ago by George Kelling and William Bratton, in their article "Policing Terrorism" in the Manhattan Institute's Civic Bulletin. Kelling is a professor of criminal justice at Rutgers, and Bratton is the Los Angeles Chief of Police. Understandably, their focus is on law enforcement - though there is certainly cause for others to collaborate and share information to recognize threats.

Kelling and Bratton argue that local efforts are critical - but underutilized:

Our shared knowledge of both the theory and practice of policing has convinced us that local law enforcement is a vital yet underutilized resource in the war on terror.

Because the homeland-security debate has, so far, focused on federal capacities, our national counterterrorist strategy has failed to incorporate hundreds of thousands of capable cops. Local law enforcement officers are primarily viewed as "first responders" to incidents rather than as potential "first preventers" of terrorism. As a result, the United States remains far more vulnerable than it should be.

Above all, we must expand our national strategy to give a larger role to local police. Local police departments in the U.S. have not traditionally seen themselves as part of the national security apparatus. This needs to change. Homeland security is less dependent on appointing a national intelligence czar than it is on empowering local police. Massachusetts state police chief Ed Flynn calls this "hometown security."
(Hey, so do I!)

Kelling and Bratton offer three strategies for engaging local police in the prevention of terrorism:
Local police can be leveraged in this war in three key ways.

First, we can train police in the problem-solving techniques that will make them effective first preventers of terrorism.

Second, we can use computer statistics (Compstat) and technology to enhance data sharing and to catalyze intelligence-led counterterrorist policing.

Finally, and most vitally, the theory of order maintenance commonly called "broken windows," which police in New York City have used so successfully in the war on crime, can be adapted for the war on terror.
Being local - in and of itself - is critical. Local "first preventers" have an advantage in both numbers and familiarity with their environment:
The counterterrorist potential of local police is partly a function of numbers. More than 700,000 local law enforcement officers work in the continental U.S, compared with just 12,000 FBI agents. Based on numbers alone, local law enforcement personnel are much more likely than feds to cross paths with terrorists.

It is the local police, too, who are most often obliged to probe citizen tips. A major terrorist attack in London was disrupted last year in just that way. When a grandmother smelled something strange wafting from an adjacent flat, she notified police. She told them she'd noticed a group of young men frequenting the flat, which, she said, contained no furniture. Inside, police discovered a makeshift ricin gas factory. The "young men" actually constituted a terror cell preparing a poison-gas attack, which could have killed thousands.

The presence of police in our communities sensitizes them to anomalies and yields counterterrorist data valuable to other agencies.

Only an effective local police establishment that has the confidence of citizens," former CIA director James Woolsey testified to Congress in 2004, "is going to be likely to hear from, say, a local merchant in a part of town containing a number of new immigrants that a group of young men from abroad have recently moved into a nearby apartment and are acting suspiciously."
(Also see this post.)

Suspicious "local young men" may be engaged in radicalization, recruitment, or any other type of terrorist activity. But to find this type, you have to look for it:
But to fully realize the potential of local police in counterterrorism, we first need a philosophical shift, as occurred in criminal policing during the 1990s. Instead of merely reacting to individual "incidents," police must proactively solve general problems.

[LAPD counterterrorism] training is already paying off. In the Torrance case, the officers who executed the search had been trained by the Los Angeles area's joint counterterrorism program to look for possible links to terrorism, and they quickly found them. The NYPD's proactive Operation Nexus uncovered an al-Qaeda plan to smuggle weapons into the city through a garment-district shipping business. Counterterrorist training led police in Rhode Island to net jihadists in a routine traffic stop.

At the very least, officers who are taught to identify the support structures of potential terrorists are more able to create an environment in which terrorists will not feel comfortable.
As I've noted a number of times before, one of the key terrorist vulnerabilities is the nexus between terrorism and more "common" criminal activity:
Application of broken-windows theory in counterterrorist policing has two components: the first is creating a hostile environment for terrorists; the second is recognizing that terrorism's equivalents to subway fare beating are illegal border crossings, forged documents, and other relatively minor precursor crimes that terrorists often commit to fund the operations to prepare their attacks.

Criminals commit many crimes; as it turns out, so do terrorists. While it is possible that all the activities leading up to a terrorist act could be conducted perfectly legally, the combination of specific activities (e.g., large number of males using a rented apartment irregularly) can present, if not a recognizable pattern, at least an anomalous or a suspicious one. In the recent London bombings, for example, large amounts of hydrogen peroxide were purchased for the purpose of bomb making. Similarly, a terrorist may get tripped up by a law enforcement or private security encounter that has nothing to do with his terrorist activities or intent...

Many terrorists, especially foreigners who are in the U.S. illegally, have to live a fugitive lifestyle—that is, they have to commit crimes not just to carry out an attack but simply to sustain themselves. They maintain themselves with illegal documents, committing burglary and robbery, dealing drugs, committing fraud, and so on.
While terrorist criminal activity remains a significant vulnerability, there is much that local "first preventers" can do to make targets more difficult to exploit. This presents opportunities for working with other public agencies, as well as the private sector. Sharing information is critical:
LAPD's Operation Archangel ... works proactively with private and public partners to assess the vulnerabilities of critical infrastructure. Owners and operators of commercial buildings are asked to contribute detailed, up-to-date infrastructure information to Archangel—floor plans, HVAC systems, entrances and exits, and so on. This information is then entered into a database management system that assesses threats and devises deterrence and prevention strategies, as well as emergency response plans.
In March, the Governor's Guide to Homeland Security also emphasized the importance of collaborating with both public- and private-sector entities on prevention, preparedness, and response. (Also see my post.)

Citizens at all levels - like the grandmother in the London apartment - can be involved. It can be especially useful to establish partnerships with those who live and work close to potential targets or avenues for attack:
We've worked with Los Angeles business owners who sell products or services that could possibly be used by terrorists—truck-rental facilities, for example—to make sure that they are aware of the threat. We've also reached out to doormen, private security guards, and transit workers.
This type of information-sharing is not common, but there are some positive developments:
Although the need to share data is not new, exchanging information across jurisdictions and levels of government is more critical in the current threat environment than it ever was in the war on crime.

Since 9/11, information sharing between the federal government and state and locals has improved. Most of the improvement has come through the FBI's Joint Terrorism Task Force (JTTF) ...

Despite this progress, the level of cooperation seems to vary greatly, depending on the personalities of individual bureau and police chiefs.

Instead of relying solely on the federal government for intelligence, many state and local departments have now taken it upon themselves to create their own systems. Among other things, they are assembling databases, sharing information, and setting up their own DNA labs. The NYPD's intelligence operation is widely regarded as the gold standard.
But it's not enough to share information within a single network. Information must be shared across networks if it is to be most useful:
Once law enforcement has the information, it needs to make sense of it and share it immediately. It is critical that—both horizontally and vertically—law enforcement overcomes its traditional reluctance to share information in a meaningful and timely fashion.

[W]e must not forget that information must flow both ways. It is just as important that local police are sharing information with the feds—a point that is often overlooked by those involved in the FBI's JTTF.

Information is the best weapon we have against terrorism, but it must be made available to those who can best use it. In many cases, they will be local law enforcement.
Despite all the progress, there is a long way to go:
The unfortunate reality is that law enforcement—federal, state, and local—is very far behind the private sector in terms of the ability to use technology to gather, analyze, and disseminate information.

The federal government simply has to do a better job of collecting, analyzing, and sharing intelligence. The government's failure at "connecting the dots," as the 9/11 commission put it, was key to al-Qaeda's fateful hijackings in 2001. Five years later, it is not clear that much has changed.
Kelling and Bratton summarize:
Counterterrorism has to be woven into the everyday workings of every department. It should be included on the agenda of every meeting, and this new role must be imparted to officers on the street so that terrorism prevention becomes part of their everyday thinking.

We need to train local police to be aware of terrorist indicators and precursor crimes so that they can be effective "first preventers." We need to overcome the petty rivalries and technological barriers that are hampering the collection and sharing of important intelligence.

America's genius has been and always will be its empowerment of local institutions. ... Empowering local police to act as the front line for homeland security is how we can win the war on terror.
Another expert who has recently chimed in on possible ways that local "first preventers" can exploit terrorist activity is Raymond Foster, a retired Police Chief of Los Angeles. Writing for, Foster's article "Terrorism Organizational and Communication Strategies" focuses on how local police can exploit terrorist groups based on their organizational structures and communication techniques. First, he argues in favor of better information sharing:
Intelligence gathering is the first line of defense against terrorism. Through use of intelligence, law enforcement and military operations can be designed to disrupt terrorist organizations and preempt their operations.

Moreover, while our focus is on international terrorist organizations, there are many domestic groups that use similar methods of organizing and communicating. Understanding some of their organization and communication methods may help you see evidence, information and intelligence you might have overlooked otherwise.
The first type of terrorist organization is the "single-cell":
In the realm of terrorism, the single-cell organism is referred to as the "Lone Wolf terrorist" or "leaderless resistance." This can be a critical concept in understanding the development of terrorist organizations. The Lone Wolf terrorist does not receive direct instructions from a central organization. Rather, he or she receives inspiration from an idea or perhaps a remote subversive political figure.

Single-cell or disconnected cellular groups have the benefit of maximum operational security because communication is limited or non-existent. There are few, if any, opportunities for an intelligence service to intercept communications or penetrate the group. On the other hand, single-cell or disconnected cellular groups also are limited in their ability to carry out operations.
These can be difficult to disrupt, but there are some means of doing so. (Note how this fits nicely with Kelling and Bratton's call to develop relationships with local businesses who provide goods and services that may be of interest, and to exploit the terrorist vulnerability of "common crime"):
In the instance of Lone Wolves, state and local law enforcement officials should be aware of the purchase of certain materials, monitor suspicious actions of individuals and devise ways to share seemingly low-level suspicious activities with other jurisdictions.
A "multi-cellular" organization is larger, so it tends to work hard to maintain operational secrecy:
With terrorist organizations, the purpose of a true cellular organization is to increase the operational security of the larger group and to capitalize on specialization. It is a mistake to believe that one member of the cell necessarily leads to other cells. Rather, operational security is enhanced because most of the members of the cell do not know anyone in the organization outside of the cell.
This has an effect on its communication strategies:
As a terrorist organization becomes more specialized and cellular, its communications scheme becomes more complex.

Terrorists have tried to mask or disguise their use of e-mail by having relatively anonymous [e-mail] accounts provided free by various services. But, any message you send over the e-mail account is susceptible to interception.

While terrorists are using technology to communicate, it is likely that they mostly are relying on time-tested spy "tradecraft" like dead drops. A dead drop is a pre-determined location where messages or materials are left so that cell members do not have to meet face to face. Or, in areas where there is significant social support for their movements, face-to-face meetings.

Whatever their means of communication, as the complexity of their cellular structure grows, so does the complexity of their communication schemes and the likelihood of interception.
In terms of preventing terrorist recruiting, communication strategies and techniques are very important. An Internet-based scheme is likely to motivate Lone Wolf terrorists, who are harder to detect but less capable of doing significant damage.

But for a terrorist organization to develop a more powerful cell, more personal recruitment is required. As these two posts indicate, this is a significant vulnerability for terrorists, because they, like first preventers, need to develop deep, trusting relationships. They cannot do this without exposing themselves and their communications.

Tuesday, April 17, 2007

Preventing Terrorist Recruiting

Tuesday's post about radiation detectors, and how they're just one element of a preventive system against radiological terrorism - regardless of how ubiquitous they become - got me to thinking more about how local homeland security professionals can work to prevent terrorist attacks in their communities.

Protective regimes - detectors and the like - are certainly important. But by themselves they are essentially just a series of nets. If something slips through, then prevention has failed. And terrorists are adept at evading detection; their experience with non-terrorist related crime teaches them this (if nothing else does).

But local homeland security people can take the offensive. One method that has always interested me is intervening to prevent terrorist recruitment. In any terrorist attack, the irreplaceable element is always the terrorist. Without the terrorist, there's no terror.

With that in mind I turned to the recent testimony of Brian Michael Jenkins before the U.S. House Committee on Homeland Security - Subcommittee on Intelligence, Information Sharing and Terrorism Risk Assessment.

His presentation, entitled
"Building an Army of Believers: Jihadist Radicalization and Recruitment," is a good primer on terrorist recruiting and what can be done to stop it at the local level. It echoes some of the ideas from his excellent book Unconquerable Nation, which I reviewed here.

Jenkins starts by defining the problem:

Although the United States and its allies have achieved undeniable success in degrading the operational capabilities of jihadist terrorists worldwide, they have had less success in reducing the radicalization and recruitment that support the jihadist enterprise.

Nearly five years after 9/11, a 2006 National Intelligence Estimate concluded that “activists identifying themselves as jihadists … are increasing in both number and geographic dispersion.” As a consequence, “the operational threat from self-radicalized cells will grow in importance to U.S. counterterrorism efforts, particularly abroad, but also in the Homeland.” In testimony before the Senate, FBI Director Robert Mueller indicated concern about extremist recruitment in prisons, schools, and universities “inside the United States.” In March of this year, Charles Allen, Assistant Secretary of Homeland Security, concurred that “radicalization will continue to expand within the United States over the long term.”

More than a military contest, the jihadist campaign is above all a missionary enterprise. ... Recruiting is not merely meant to fill operational needs. It is an end in itself: It aims at creating a new mindset.

There is a distinction between radicalization and recruitment. Radicalization comprises internalizing a set of beliefs, a militant mindset that embraces violent jihad as the paramount test of one’s conviction. It is the mental prerequisite to recruitment. Recruitment is turning others or transforming oneself into a weapon of jihad. It means joining a terrorist organization or bonding with like-minded individuals to form an autonomous terrorist cell. It means going operational ...
So ... who are likely jihadist recruits?
Al Qaeda’s brand of jihad offers a comprehensive and uncomplicated solution ... It is a message that is especially attractive to angry young men and frustrated, compliant individuals.

Potential jihadist recruits in Western countries are part of a marginalized immigrant subculture or are themselves cut off even from family and friends within that community. The more vulnerable are those who are at a stage of life where they are seeking an identity, while looking for approval and validation. They are searching for causes that can be religiously and culturally justified, that provide them a way to identify who they are, and that provide a clear call for action. The jihadist agenda is action-oriented, claims to be religiously justified, and appeals to this relatively young, action-oriented population. ... This is the group that currently poses the biggest danger to the West.

Personal problems also play a role. Recruits often come from dysfunctional families, have experienced disruptive relocations, suffer identity crises, face uncertain futures, feel alienation; many are in trouble with authorities. ... But jihadists also include sons of well-off families, people with promising careers, and individuals who are seemingly well-adjusted. There is no single psychological profile and no obvious indicator to permit targeted intervention.
It's probably worth noting here that there is a difference between a terrorist recruit and someone like the Virginia Tech gunman. The Va. Tech shooter was a deeply disturbed individual who apparently developed violent fantasies within his own mind. It's very hard to intervene to stop that sort of actor unless he reveals his thoughts and desires - which this man apparently refused to do in multiple rounds of counseling and mental health treatment.

But unlike the anti-social Va. Tech gunman,
terrorist networks are inherently social. Terrorists must come together in social spaces to reinforce their own belief systems, share strategic and tactical information, and make plans for future actions. Because terrorism in general - and terrorist recruiting specifically - is an inherently social activity, it can be discovered and exploited more easily than a single disturbed individual can.

So ... what are the tactics that jihadists use to entice recruits? What social spaces do they use? What are the implications for counter-recruitment efforts?

Jihadists recruit one person at a time.

Volunteers move on by self-selection. There may be powerful peer pressure, but there is no coercion. Submission is voluntary. Not all recruits complete the journey. Commitment is constantly calibrated and re-recalibrated. Some drop out along the way. A component of our counter-recruiting strategy must be to always offer a safe way back from the edge.

While the jihadist message is widely and increasingly disseminated, the actual connection with the jihadist enterprise, outside of Middle Eastern and Asian madrassahs, appears random, depending on personal acquaintance, finding a radical mosque, or being spotted by a recruiter. That, in turn, suggests that the numbers are driven not merely by the appeal of the jihadist narrative, but also by the number of “retail outlets” where recruiters can meet potential recruits.

The recruiting process, therefore, seems to be not very efficient—the yield is low. However, only a few converts suffice to carry out terrorist operations. Nevertheless, this suggests that reducing the number of suspected recruiting venues would seriously impede jihadist recruiting.
To what degree are jihadist recruiters operative in the United States?
[A]rrests, along with intelligence operations, indicate that radicalization and recruiting are taking place in the United States, but there is no evidence of a significant cohort of terrorist operatives. We therefore worry most about terrorist attacks by very small conspiracies or individuals ...
How can our counter-recruitment efforts be more successful?
This suggests that efforts should be made to enhance the intelligence capabilities of local police, who through community policing, routine criminal investigations, or dedicated intelligence operations may be best positioned to uncover future terrorist plots.

Of these, continued intelligence operations are the most important. Radicalization makes little noise. It occurs in an area protected by the First and Fourth Amendments. It takes place over a long period of time. It therefore does not lend itself to a traditional criminal investigations approach.

Recruiting for jihad takes place both inside and outside of identified radical mosques and other known venues. These “retail outlets” can be identified and monitored. Surveillance, real and imagined, of recruiting venues can inform authorities of possible terrorist plots and may discourage recruiting. ... Prisons are another recruiting venue that could be better controlled.

Society’s purpose in this area is twofold: to deter vulnerable individuals from recruitment into destructive paths and to protect society itself against destruction—this may require preemptive intervention before manifest criminal behavior occurs.
Are there any unintended consequences to be avoided?
[T]he first principle must be to do no greater harm, to avoid misguided policies, needless hassles that only create enemies.
Who is best positioned to engage in counter-recruitment?
It is important to keep lines of communication open at all levels of government. This is community policing in its broadest sense, but the collection of intelligence and initiatives aimed at maintaining dialogue among communities and faiths are best handled at the local community level.
It is clear that local efforts to stop jihadist recruiting are vital. It is also clear that more can be done within local communities, as this report suggests. (Also see my post.) Community relationships are irreplaceable - not just to protect vital assets and to detect the signs of potential terrorism - but also to prevent conversion to radicalism and recruitment into terrorist operations.

Tomorrow I'll have more on preventing terrorism in local communities.

Beyond Chlorine: A Nitric Acid Bomb in Iraq

Insurgents in Iraq are getting better at building chlorine-release bombs, reports Global Security Newswire:

Victims in the [early chlorine] attacks were initially injured or killed by explosives rather than the gas. Since January, however, the composition of the [chlorine] bombs — the way they are assembled — has begun to change.

Along with casualties caused by the explosions, gas spread by the bombs sickened and sent scores to the hospital, Assistant Homeland Security Secretary Robert Stephen said. "There’s an increasing sophistication as we see these folks experiment," he said. "This is something that is troubling to us."

Analysts are studying how insurgents have altered their techniques to achieve more effective release of the chlorine, which has come from chemical depots and industrial sites in Iraq, Stephen said.
And now they're starting to try other chemicals.
An attempt to explode a truck carrying nitric acid at a military checkpoint in Iraq failed yesterday when the vehicle overturned before reaching its target, Reuters reported

The tactic mirrors recent bombings in which tanks of chlorine have been loaded on to car bomb.
This is just a couple of days after U.S. troops found a cache of nitric acid - 3000 gallons of it - during a raid in Baghdad:
U.S. forces in Iraq discovered stocks of nitric acid Saturday when they raided a Baghdad home, the Washington Times reported April 16.

Nitric acid can be used to make conventional explosives, but could have chemical weapon applications as well.

"It's an acid and causes chemical burns to the skin and burns the lungs and esophagus if it is inhaled," said Sgt. 1st Class Douglas Wallace of a U.S. Stryker brigade.

Neighbors alerted U.S. troops to the 31 barrels of chemicals ...
The important news here is that al Qaeda in Iraq is learning and adapting. Most if not all of the chlorine bombs in Iraq have been linked to al Qaeda. (I haven't yet found a direct link between the nitric acid and al Qaeda, but it's not an unreasonable supposition.) And they share tactical and operational information very well via the Internet. In a globally connected world, domestic risk increases when insurgents improve their tactical capabilities overseas, as DHS' Robert Stephen points out:
One of [DHS'] goals is educating local U.S. law enforcement about the hallmarks of the improvised bombs to better protect against such a tactic being used domestically.
In addition to law enforcement, I'd add a few others to the list. They certainly have an interest in this:
  • Fire Departments (esp. HAZMAT teams)
  • EMTs
  • Security managers at chemical facilities, water treatment facilities, transportation companies, etc.
  • Public health agencies
Prevention and response require collaborative effort.

Veryfast Biological Agent Detection

This is still in the research and testing phase - but wow - it's fast:

A new laser technique allows for instant detection of bioterrorism agents, permitting tests that previously were cumbersome or impossible, according to a report in the April 13 issue of the journal Science. In the Science paper, Texas A&M and Princeton researchers report on using lasers to detect anthrax in less than a tenth of a second.

"Our procedure can work for monitoring anthrax in the mail, but it can also scan the whole atmosphere," said Marlan Scully, the lead author of the paper. Currently, anthrax tests require that suspicious substances be cultured in a lab, a time-consuming process.

Although the Science paper focuses on anthrax, Scully said the same laser technique could be deployed in a wide range of applications, from national security to health. "There are a lot of other potential applications -- monitoring glucose in the blood of diabetics would be just one example," Scully said.
One of the difficulties of managing biological incidents - natural or intentional - is the time delay from exposure to the agent, to the onset of symptoms, to diagnosis. Reducing the amount of time it takes to detect biological agents could shorten that lag time, leading to more effective treatment and management.

In the meantime, local homeland security professionals should collaborate to ensure that they are ready for all biological threats. Many communities need to be better prepared for biological threats. (See these two posts.)

Radiation Detectors: Here, There, and Everywhere

The Secure Freight Initiative is getting its first operational tests, says Government Technology:

The departments of Homeland Security (DHS) and Energy (DOE) announced that operational testing is underway in Honduras and Pakistan to strengthen global supply chain security by scanning shipping containers for nuclear or radiological materials before they are allowed to depart for the United States. The tests represent the initial phase of the Secure Freight Initiative announced Dec. 7, 2006, which involves the deployment of nuclear detection devices to six foreign ports.

Secure Freight Initiative testing in Puerto Cortes, Honduras, started on April 2, 2007. Tests in Port Qasim, Pakistan, the first port to participate in Secure Freight Initiative, began in March of this year. Four other Secure Freight Initiative ports are expected to initiate tests this year. They are: Southampton in the United Kingdom; Salalah in Oman; Port of Singapore; and the Gamman Terminal at Port Busan in Korea.

Data gathered from overseas scanning of U.S. bound containers will be transmitted in near real-time to U.S. Customs and Border Protection Officers working in overseas ports and to the National Targeting Center. The data will be combined with other risk assessment information to improve analysis, targeting and scrutiny of high-risk containers.
But this doesn't mean that our problems are solved. Overseas dectectors are just one of a number of concentric rings of protection. (And even accurate detection won't help unless appropriate actions are taken in response to the recognition of a threat.)

It's worth noting that a recent GAO report said that the Domestic Nuclear Detection Office (DNDO) needs to compile better testing data on radiation detection systems - and, more immediately relevant to state and local homeland security personnel - DNDO needs to communicate better with state and local authorities, because they're responsible for some of those rings of protection.

The new GAO report extends their report of last October, in which they criticized DNDO's testing of Advanced Spectroscopic Portals (ASPs). (My summary of October's report is here.)
Current portal monitors, made of polyvinyl toluene (plastic) and known as “PVTs,” detect the presence of radiation but cannot distinguish between benign, naturally occurring radiological materials (NORM) such as ceramic tile, and dangerous materials such as highly enriched uranium (HEU). DNDO hopes that the next generation of portal monitors, known as “Advanced Spectroscopic Portals” (ASP), will be able to detect and more specifically identify radiological and nuclear materials within a shipping container. DNDO has stated that it will begin conducting tests of ASPs in February 2007 and begin fielding ASPs in spring 2007.

As of October 2006, which is the most recent date for which complete data are available, DNDO and Customs and Border Protection (CBP) had installed 912 portal monitors at the nation’s points of entry. All of the portal monitors are PVTs. According to senior DNDO officials, DHS plans to deploy at ports of entry this year 60 of the 80 ASPs that it has purchased with fiscal year 2006 funds. DNDO plans to use the remaining 20 ASPs for further testing or refurbishment after it has completed its tests on ASPs this year. Ultimately, DHS plans to deploy about 3,000 portal monitors at the nation’s points of entry by September 2009. However, as we reported in March 2006, CBP’s deployment of portal monitors is behind schedule, and it appears unlikely that CBP will be able to reach its deployment goal on schedule.
That sounds okay, even if it's a bit behind schedule. But ... will the detectors work? That's a little less certain. Testing is incomplete:
DNDO has not yet collected a comprehensive inventory of testing information on commercially available PVT portal monitors. Such information—if collected and used—could improve DNDO’s understanding of how well portal monitors detect different radiological and nuclear materials under varying conditions.

According to radiation detection experts, portal monitor tests are important because they help determine how well the monitors work in real-life situations and provide information for making the monitors better. In addition, DNDO and radiation detection experts agree that portal monitors should be tested both in a laboratory-controlled setting, to learn about their performance capabilities, and under an assortment of real-life conditions, such as at seaports, to learn how well they perform under various environmental conditions in the field.
So there is some uncertainty there. Complicating matters further, state and local agencies are expected to purchase and install radiation detectors, based on their own knowledge (limited) and DNDO's advice (based on an incomplete survey of test results):
Furthermore, according to DNDO’s Expenditure Plan, DNDO expects to rely heavily on the participation of state and local agencies to help protect the interior of the nation from a radiological or nuclear attack. In this regard, DNDO plans to support these agencies’ efforts to develop radiation detection and interdiction capabilities. For example, DNDO plans include working with state and local agencies to, among other things, deploy fixed and mobile radiation detection systems to help defend major, high-risk cities. As part of DNDO’s Securing the Cities Initiative, it plans to identify a limited number of high-risk regions, then provide these regions with federally owned radiation detection equipment along with related training and other support packages. DNDO expects that state and local agencies will eventually purchase their own equipment and assume increasingly greater responsibilities in radiation detection efforts within their borders.
To their credit, DNDO has made efforts to communicate with state and local authorities - but they have made a basic error of information-sharing: they have not asked state and local authorities what kind of information they need. (Information -sharing 101: it has to be a two-way street).
To further assist states and localities in their radiation detection efforts, DNDO has begun training state and local officials on how to operate radiation detection equipment. For example, state officials may attend 2-day training courses for law enforcement officials at DHS’s Counter Terrorism Operation Support facility at NTS. Moreover, DNDO has worked to get DHS to provide grants to state and local governments to, among other things, fund their radiation detection efforts. For instance, in September 2006 DHS issued grants totaling $3.2 million to states such as Kentucky and South Carolina to invest in fixed, mobile, and handheld radiation detection equipment at interstate truck weigh stations. While DHS provides some information to states and localities on radiation detection equipment, officials from some states told us that DHS has not sought much input from them on what types of information they find most useful or valuable.

[O]fficials from 8 states and the District of Columbia told us they would benefit from having more direct guidance to assist them in making purchasing decisions. According to officials from these 9 entities, they could use DNDO's input to help overcome their lack of experience and technical expertise.
To give DNDO their due, they really are trying:
DNDO is improving its efforts to provide technical and operational information about radiation portal monitors to state and local authorities. For example, DNDO recently helped to establish a Web site (the Responder Knowledge Base) that, among other things, includes information for state and local officials on radiation detection equipment products and performance requirements. However, some state representatives with whom we spoke, particularly those from states with less experience conducting radiation detection programs, would like to see DNDO provide more prescriptive advice on what types of radiation detection equipment to deploy and how to use it.
And they're somewhat limited in the advice they can give:
DNDO maintains that federal regulation prohibits it from recommending to state and local officials portal monitors that are made and sold by specific manufacturers.
And they recognize the problem:
DHS also concurred with our recommendation that it confer with state and local officials regarding their information needs, pointing out a number of ongoing efforts to disseminate information. These include: meeting with its stakeholder group comprised of representatives from 22 states, offering help at establishing standards, providing test reports, developing response protocols, providing detection training, and facilitating access to federal experts for alarm adjudication, analysis, and nuclear detection-related information and intelligence.
But still, a problem's a problem.

To sum up: DHS' plan is to install radiation detectors overseas, in U.S. ports, and in U.S. cities. It's all protective intervention, with the goal of finding radioactive needles in the haystack of cargo. They are going to rely on state and local officials to do some of this detection, with some limited guidance from DNDO.

But the testing data on the radiation detectors is somewhat questionable, and the deployment schedule is falling behind. Hmm...

State and local authorities might want to consider other steps, such as identifying local sources of radioactivity and collaborating with their caretakers regarding their security (e.g., hospitals, food irradiators, oil and gas drilling operations, etc.) Another idea is what New York did - conduct a baseline radiological survey of the area, so that it easier to spot anomalous radiation.

The best security system will not solely rely on detection. The "detection" set of concentric rings should only be one in a system of concentric rings.

Monday, April 16, 2007

A Contamination Risk of Imported Food?

Ever since the discovery of contaminated wheat gluten from China that led to the deaths and illness of thousands of pets, the question has arisen whether the same kind of thing could happen with imported human food.

Some reporting today from the Associated Press suggests it could:

Just 1.3 percent of imported fish, vegetables, fruit and other foods are inspected — yet those government inspections regularly reveal food unfit for human consumption.

Add to that the contaminated Chinese wheat gluten that poisoned cats and dogs nationwide and led to a massive pet food recall, and you've got a real international pickle. Does the United States have the wherewithal to ensure the food it imports is safe?

Food safety experts say no.

With only a minuscule percentage of shipments inspected, they say the nation is vulnerable to harm from abroad, where rules and regulations governing food production are often more lax than they are at home.

"FDA doesn't have enough resources or control over this situation presently," said Mike Doyle, director of the University of Georgia's Center for Food Safety, which works with industry to improve safety.

Last month alone, FDA detained nearly 850 shipments of grains, fish, vegetables, nuts, spice, oils and other imported foods for issues ranging from filth to unsafe food coloring to contamination with pesticides to salmonella.

Each year, the average American eats about 260 pounds of imported foods, including processed, ready-to-eat products and single ingredients. Imports account for about 13 percent of the annual diet.

How did the melamine wind up in the wheat gluten [in the pet food]? Investigators still don't know.

The FDA and the USDA have adopted a "risk-based" inspection philosophy, focusing on specific foods, sources or producers that they believe represent the largest potential risk to the public's health.

"We have better control than we did a few years ago but it is largely the responsibility of the importer to make sure those products are safe," said Stephen Sundlof, the FDA's top veterinarian.
For local homeland security professionals, this is mostly a question of mitigation. It's the job of USDA and FDA to prevent the importation of contaminated food, and if they don't stop it at the border, local communities would have to deal with local effects. Recalling that the DHS Inspector General recently reported that public panic is a likely result of a major food contamination incident, it's worth giving some thought to this:
Commentators on the subject have observed that an adverse food sector event could also reduce state and local governments’ ability to maintain order and deliver essential services. A major food contamination event could engender public panic on a local or mass scale, depending on the affected food product and population, and media coverage of the incident.
(Also see this post for my summary of the report.)

Questions for local homeland security professionals include:
  • What level of collaboration is there among local public health agencies, healthcare providers, and other local authorities (e.g., elected officials, law enforcement)?
  • What healthcare resources are available?
  • What communication plans are in place?
  • How can local authorities maintain the public's confidence?
  • Does everyone know their role in the event of a public health emergency?

A lot of these questions are relevant to other public health concerns such as pandemic flu or other biological threats. By taking a collaborative approach and addressing a range of potential hazards, local homeland security professionals can make the best use of the resources available to them.

Updated 04-23-2007: A guest column in the Washington Post by former food executive Peter Kovacs echoes some of the concerns about imported food, especially from China:
One pound of tainted wheat gluten could, if undetected, contaminate as much as a thousand pounds of food.

Often, U.S. officials don't know where or how such ingredients were produced. We know, however, that alarms have been raised about hygiene and labor standards at many Chinese manufacturing facilities.

That it was pet food that got tainted -- and that relatively few pets were harmed -- is pure happenstance. Earlier this spring, Europe narrowly averted disaster when a batch of vitamin A from China was found to be contaminated with Enterobacter sakazakii, which has been proved to cause infant deaths. Thankfully, the defective vitamin A had not yet been incorporated into infant formula. Next time we may not be so fortunate.