With millions of passengers travelling each day by rail and subway in the United States alone, the passenger rail industry and the communities they serve are faced with difficult safety and security challenges – from equipment failures to terrorist attacks. A whole community approach is needed to address these challenges, to understand the threats and consequences, and to promote a culture of resilience.
A roundtable held in New York on 9 January 2018 examined current issues and progress regarding this important topic from government and private sector experts. Key discussion points included current threats, vulnerabilities, consequences, and interdependencies that need to be addressed in order to avoid or mitigate a potentially catastrophic incident:
- Capacities in public/private sector passenger rail infrastructure preparedness;
- Local, regional, and national infrastructure resilience interdependencies involving passenger rail;
- Rail security and safety regulatory trends;
- Railroad and government partnerships; and
- Consequences of a cyberattack on Supervisory Control And Data Acquisition (SCADA) systems.
The January roundtable and its key takeaways continue the discussion that began in Washington, D.C., on 10 October 2017. At the October meeting, Joseph Trindal moderated a discussion on Emerging Threats to Rail Infrastructure: Part 1, Freight. Those subject matter experts noted the similarities and differences between threats to freight and passenger rail. The freight rail discussion raised significant concern for hazardous materials, military transport, critical infrastructure, communications, and cybersecurity. Although all of these issues are applicable to the passenger rail industry as well, there is one significant difference – people.
Passenger rail incidents increase the possibility of mass casualties, the need for public information sharing, and the importance of public situational awareness. As demonstrated in 2015 by three Americans, a French national, and a Briton travelling to Paris, situational awareness and quick action before law enforcement arrives could save lives. After the gunman opened fire in that train, these passengers subdued the suspect, provided first aid to victims, and shared valuable information about the incident to law enforcement. Unlike freight rail, the public plays a more significant role and must be included as a key partner in the planning process. Similarly, other rail passengers may find themselves someday pushed into the role of “first responder” when an incident occurs in transit. As such, incident awareness is critical even when formal training is lacking.
In addition to terrorist-related attacks, three recent Amtrak incidents – collision with a dump truck in Washington in December 2017, train derailment in Virginia in January 2018, and collision with a freight train in February 2018 – have gained national attention. Such incidents have brought public attention to the need for improvements in the rail infrastructure, protocols, and technology such as positive train control. Although public and congressional debate has been spurred by these events, the rail industry has been taking steps to address safety and security gaps for years. For example, in June 2015, Southern California’s Metrolink was the first passenger rail system to implement a positive train control system across its entire network. In addition, Amtrak provides free training through its Operation RAILSAFE (Regional Alliance Including Local, State And Federal Efforts) program to local stakeholders to help build awareness among planners, responders, and the passengers who may one day be affected.
Intelligence & Security Concerns
Al-Qaida recently published the 17th volume of its Inspire magazine. This issue is dedicated to exploiting the U.S. rail networks for attack. Their goal is to steer potential lone actors and disconnected violent extremists to target rail systems, which includes the passenger rail network. This specific threat underscores the need for the U.S. rail transportation industry to maintain and strengthen partnerships with federal, state, and local authorities.
To begin the 9 January 2018 discussion, the moderator – James Cook, inspector in the Amtrak Police Department – put the rail security challenge into perspective with regard to financial investments. According to his former boss, he quoted, “The government spends billions of dollars to protect millions of passengers in air travel, while spending millions to protect billions of passengers in the mass transit world.” Even though passenger rail threats have, to date, been more frequent outside the United States, threats of attack from terrorist groups have heightened across all developed countries. Two recent attacks did not reach their full intended potential, but still gained broad attention worldwide: (1) in August 2015, a man opened fire with an assault riffle in a train traveling to Paris, France; and (2) in December 2017, a suspect inspired by the Islamic State (IS) group detonated a pipe bomb in the New York subway.
A shift in terrorist tactics makes early detection of such threats more difficult. Large-scale coordinated attacks using chemical and biological weapons are less common than those of lone actors employing guns, knives, and improvised explosive devices against open public space targets, as demonstrated by the Islamic State of Iraq and the Levant (ISIL). However, no tactic should be overlooked. Edward Bruce, director of intelligence for the New Jersey Transit Police, shared some insight into current and emerging threats to mass transit, which can be categorized into four groups: international terrorism, homegrown violent extremists, domestic terrorism, and single-issue extremists/lone offenders.
Whether working as an organized group or as a radicalized individual without direct affiliation with a terrorist organization, the type of weapon used influences the potential scale of the event. While the use of explosives, small arms, edged weapons, and vehicles ramming pedestrians remains the prominent concern for mass transit, Bruce mentioned a potential future threat of ISIL-inspired extremists desiring to use simple improvised chemical dispersal devices, as demonstrated in a recent plot from Australia. He explained that the plume from an improvised chemical device could be perceived as a fire-based smoke condition, which could put even more people in danger, due to a misunderstanding on how to effectively respond. Furthermore, with the rise of ISIL to prominence in 2013 and 2014, threats do not have to be transportation specific to be a concern to mass transit. Threats to any open public space venues at or near mass transit stations would raise the threats to mass transit as well – as demonstrated by the attack on the Manchester Arena, which was co-located with Victoria Rail Station. Homegrown violent extremists remain mass transit’s number one threat. However, it has become increasingly difficult to collect intelligence on single-issue extremists and lone offenders who operate in an isolated manner. It is probable that intelligence on a single issue extremist or lone offender will be gathered by an employer’s human resources department or by the subject’s family and friends before law enforcement. People closest to that individual are likely to be the first to detect a potential threat.
Michael Gray, adjunct faculty in the Global Business and Transportation Department at the State University of New York, expressed a growing concern about ramming incidents and attacks outside hardened security areas. For example, in November 2014, a man drove a car into a crowd of people near a light rail station in Jerusalem. In May 2017, a suicide bomber attacked a crowd at an Ariana Grande concert in Manchester – British Transport Police officers and Northern Rail employees were among the first to respond. In Istanbul, where security at checkpoints has been increased, terrorists simply began moving their efforts to target crowds outside the security checkpoints.
Threat Mitigation
Information sharing and understanding cascading effects of even small incidents can help minimize security gaps. With much focus on large-scale, unconventional, less-frequent incidents, simpler tactics that are quick, easy, and productive can more easily breach security efforts such as targeted passenger screening and magnetometers. “There is currently no screening system that will screen everyone in a mass transit environment and to attempt to implement airport-style screening on mass transit would remove the ‘mass’ from mass transit,” said Bruce. He further noted that, everyday in mass transit, the passenger levels are equivalent to or greater than a large-scale event held at a stadium or outdoor event. Any station can be a target, with times and locations of trains publicly posted. Yet, even a small incident can have a widespread devastating impact.
Thomas Lockwood, board member of the Secure Technology Alliance, highlighted that, for many people, cybersecurity is perceived as isolated and personal nuisance issues. Many do not understand potential impacts of business enterprise as well as operational products and services. For example, a brief disruption in payment systems can nearly instantly stop the flow of people and traffic; or an attack on enterprise can stop communication, information sharing, and situational awareness. For regional transportation authorities, if a system cannot be used because payments cannot be made, it would result in a significant effect on mass transport. “Big issues like terrorism are a concern, but everyday small issues like malware can have a significant impact,” said Lockwood. He warned that systems today are not as isolated as they used to be, and the risks posed are critical. This is especially important for maintaining public confidence in the mass transit system.
In addition to the cascading effects of a brief cyberthreat, secondary threats can spread rapidly via mass transit. For example, biological and chemical agents pose threats to outliers, when a contaminated person travels to other locations, potentially spreading the incident to other jurisdictions. Roundtable participants agreed that boots on the ground need to know what to do in such circumstances, but building public awareness is a challenge. With regard to public awareness efforts, Bruce said, “It’s not just a question of how effectively it is sent out, but how effectively it is heard.” Mass transit providers focus on transporting people to their locations quickly, efficiently, and safely, while many commuters spend the time occupied with their electronic devices, wanting to just “enjoy the ride.” Attitudes like this may hinder reception of public awareness efforts. The “See Something, Say Something,” which began in mass transit, is effective, but only with an alert public.
Heightened awareness is especially important to detect precursors – or preparatory training – for a larger attack. Mass transit is inherently a complex environment with high-value targets that need to be protected. Joseph Brandine, manager of Chem, Bio,Rad Security Programs for Metro-North Railroad, stated that creating a modular “system of systems” is a good plan. However, since many detection system vendors still operate independently and proprietarily, a faster common operation software integration process is needed to address a system-wide development. Sebastian McClendon, CBRN project manager for The Port Authority of New York and New Jersey, agreed that better integration is needed to address a potential system-wide, cascading issue.
As an intelligence officer for mass transit law enforcement, Bruce has to consider both perspectives. From an intelligence standpoint, he explained that the intelligence community tends to focus on predominant (asymmetric) threats. Although adjusting focus to emerging threats can sometimes be slow, the intelligence community (both the U.S. Intelligence Community and law enforcement intelligence) is getting much better at adapting to a dynamic threat environment. From a mass transit standpoint – no matter what the incident is – terrorism becomes the initial concern and must be ruled out first, and then the focus can move down to lesser threats. It is much more difficult to shift from a smaller criminal concern to a larger terrorist concern.
CBRNE Threats & Assets
Cook raised the question about whether New York transit agencies have the resources in place to combat current threats in chemical, biological, radiological, nuclear, and high-yield explosive (CBRNE) domains. Brandine of Metro-North Railroad stated that, since 2004 when the Republican National Convention was hosted in New York City, the city has had a complex detection system in Penn Station and Grand Central Station. This system helps the metro system meet its protection goal, but funding is an ongoing challenge. On the law enforcement side, Lt. Art Mogil of the New York Police Department, stated, “We will never have enough resources to protect all transit stations.” He described how the city has 472 stations, each with multiple entrances, plus roughly 700 miles of track. With that in mind, he said it is necessary to conduct protective operations selectively based on intelligence, population density, etc.
Bobby Baker, captain and WMD/hazmat coordinator for Dallas Fire Rescue’s Special Operations, stated that Dallas does not have a dedicated hazmat team. Although a report he cited showed that not having such a team increases risks, early identification and classification of agents can mitigate secondary threats. An integrated planning approach can bridge the “silos” (e.g., between firefighters and police officers), which make it more difficult to identify threats before or in the early stages of an incident. For example, he described a scenario where an active shooter could be used as a diversionary tactic to spread contaminants by sending contaminated victims to hospitals that are not equipped with CBRNE detection equipment. He stated that CBRNE detection should be deployed and positioned outside patient receiving facilities.
Tony Mussorfiti, lieutenant (retired) of the Fire Department of New York (FDNY), described HazMat Company 1, FDNY’s dedicated hazmat team, which includes seven technician specialists and an officer, and has been in operation since 1984. The team was proficient in the handling of hazardous materials, but – after the Tokyo subway sarin attack committed on 20 March 1995 by members of the cult movement Aum Shinrikyo – the members of HazMat 1 needed to develop procedures on how to handle contaminated victims as well. To address that concern, the team used a “tiered response” (mission-specific), with specialized units to assist with rescue, recovery, and other tasks. Today, the team plays a key role in deterring terrorist incidents and lessening the consequences.
Measuring Risk & Deploying Assets
The response to low-frequency, high-consequence events needs to be more proactive than reactive, which includes rapid deployment of assets. To facilitate rapid deployment, assets need to be available and plans in place well in advance of the incident. “We don’t watch a bunch of houses burn down before we install smoke detectors,” said Baker to emphasize the point that an incident that could be mitigated with the proper resources can turn catastrophic without them.
The question is how to measure risk and determine where to deploy assets. Just a few of the numerous risk factors include the quantity of people affected, impact on the economy, and criticality within the overall system. With regard to counterterrorism and risk management, Bruce stated, “Threat is a frequency issue, but risk is a larger cost and response issue. Threat is one factor of risk.” He explained that a threat may be something that is likely to occur, but when considered alone, it might not tie into the vulnerabilities or address the consequences (e.g., cost to mitigate). When addressing a high-consequence concern, it is critical for intelligence-led agencies to balance resource allocations by considering the use of risk-based planning.
Planning gaps related to risk (e.g., updating protocols, coordinating with neighboring jurisdictions) must be addressed. Ken Metz, inspector for Amtrak Police New York Penn Station, described how his agency performs risk management for certain buildings, listens to intelligence reporting, considers baselines and best practices, learns about emerging threats, and then re-evaluates these facilities. Even when the railways themselves are not affected, an incident can affect the finances of the company, people entering the buildings, and how people travel. When a new threat is introduced, he said it is time to re-evaluate the trains, stations, or yards to ensure the threat is mitigated.
Stakeholder Roles, Partnerships & Information Sharing
The next topic of discussion turned to the roles that stakeholders play, their partnerships, and the way they share information. “The relationship factor is where things go forward,” said Baker.
According to Metz, Amtrak works with a lot of state and local partners through Operation RAILSAFE. The concept of this alliance is to increase the number of law enforcement officers at stations, which provides an opportunity for the officers to exercise their counterterrorism and incident response capabilities. Such networking efforts also promote higher involvement as needed when an incident occurs. Being able to see each other and work together on a regular basis improves stakeholder involvement.
Fusion centers and the Federal Bureau of Investigation’s (FBI) Joint Terrorism Task Force (JTTF) help to build relationships within the intelligence community. The FBI also has a rail security coordinators program, where each FBI office has a rail security coordinator within the JTTF. This coordinator ensures that connections and intelligence are shared with the right people. In New York, integrating the fire services into the JTTF has also improved coordination for responses.
Constant communication and networking are critical at the tactical level as well. Spearheaded by the NYPD, Mogil described how the Securing the Cities Program helped identify a gap in capabilities. As a result, the program implemented common equipment, settings, training, and terminology, which facilitate the intelligence-sharing process. By communicating frequently, gaps in resources can be identified early, and mutual aid can be implemented efficiently.
With much of the discussion focused on New York City, Rick Mathews, Public Service Professor at the University of Albany, pointed out that mass transit discussions often focus on big city assets. However, much of the rail transit system goes through small and rural areas, where jurisdictions may not train as well together at the group level. Interoperability needs to be encouraged across both large and small jurisdictions. He noted that plans for an attack on mass transit within a big city like New York would encounter barriers already in place. However, lack of such barriers in less populated areas would have greater vulnerabilities (e.g., a terrorist boarding a train in a small unguarded station and traveling into a large, heavily populated station).
Even with Amtrak’s outreach efforts across the jurisdictions that rail lines cross, repetition is critical. Metz said that, “Doing it once does not mean success. It needs to be done repeatedly.” Chuck Frank, director of emergency management and business continuity at Metropolitan College of New York, said that his university uses a “constructive action” process to help create and implement emergency plans. However, he also noted that stakeholders may reprioritize changes based on what is perceived as the greatest threats and risks, rather than what the greatest threats actually are. For example, the Inspire magazine article on rail threats captures the public’s imagination, but actions to mitigate them without using a holistic approach may be misguided.
In addition to different perceived risks and threats, each state and jurisdiction has a different way of conducting operations. Although these differences need to be recognized – especially considering that rails and buses transverse jurisdictions – agencies cannot wait for training before they become well acquainted with other key stakeholders.
After 9/11, fusion centers helped stakeholders understand roles and request information and protocols, but key interdependencies are sometimes underestimated. Withholding information or releasing it at the wrong time can have significant impacts. Similarly, releasing different organizational perspectives can cause further disruption. It is important to think about how people understand basic incident management coordination and information sharing because, as Lockwood witnessed in several incidents, the private sector has yet to embrace or be fully integrated into the process.
Strategic alliances and partnerships are one way to address the issue that every agency lacks some resources. Robert Black, senior associate of operations at Applied Integrated Security, shared the example of the U.S. Coast Guard (USCG) having operational and strategic memoranda of agreement (MOAs) with many local communities to fill capability gaps and to build force multipliers (e.g., law enforcement functions, environmental protection and enforcement, critical infrastructure security).
Similarly, Amtrak’s Operation RAILSAFE addresses security over the ground, air, and water through alliances with state and county aviation units. Through these partnerships, law enforcement officers gain coverage from an aerial perspective while using the opportunity to educate the pilot and copilot on law enforcement aspects of the rail system. Amtrak also has maritime alliances with the USCG and other law enforcement agencies.
Bruce stated that it would be difficult to respond to a law enforcement incident in New Jersey without having to work well with other agencies. Cooperation and joint operations are critical. As such, coordination is imperative. The NJ Transit Police Department regularly coordinates with Amtrak PD, MTA PD, PAPD, NJ State Police, NJ OHSP, FBI, TSA, DHS, and many other key stakeholders. From the law enforcement and emergency response perspectives, the jurisdictional conflicts seen in past decades are in the past, and the concepts of joint operations and unified command are integrated into daily operations.
Resilience Drivers
Roundtable participants then discussed how agencies should consider how they would continue functioning when one rail line or one operational component is removed. For example, one previous Amtrak incident had an ultimate $45-million impact on the U.S. economy. For a systems architecture, the process needs to build in both security and resilience to avoid having a single point of failure.
It is difficult to retrofit resilience. For example, although some train tunnels need repair, there would be significant economic impacts if one were to be shut down temporarily (which could be for years) for repair. Law enforcement officers, for example, do not build the tracks, but they are tasked with ensuring that the security process is streamlined across various jurisdictions. Getting critical assets to the scene when there is resistance to move those assets can be facilitated with the right planning and networking (e.g., police escorts for concrete trucks to lessen red tape delays).
Many decision makers do not participate in high-level exercises, even though they are involved in strategic decision-making during an incident. The problem is determining how to create a good mechanism to make these decisions, and exercise and train the decision makers. This includes having a government structure that embraces volunteers to overcome funding gaps and overwhelmed agencies. This was seen during Hurricane Harvey in 2017, when the Cajun Navy filled the response gaps despite not being included in the disaster planning process.
The NYC Emergency Management Department streamlines its decision-making process by working closely with all city agencies, nonprofit and nongovernmental organizations, and state and federal agencies. In addition to traditional stakeholders, NYC Emergency Management also works with Community Emergency Response Teams (CERT), Voluntary Organizations Active in Disaster (VOAD), and its Ready New York program to promote volunteerism within the city. “Volunteers are the richest resource,” said Anita Sher, assistant commissioner for the Training & Exercise Division at NYC Emergency Management. To address gaps in training the decision makers, NYC Emergency Management has moved away from large-scale exercises to smaller more-frequent training and tabletop exercises. This approach brings in senior-level people to help them better understand their obligations and roles during critical incidents.
Black mentioned a high-level tabletop exercise (TTX) that was held by USCG Sector NY, notably involving the Mayor’s Office, NYC OEM, the Captain of the Port, the Port Authority heads, top level law enforcement, and senior emergency responders, among others. In the TTX scenario, hijackers had seized a chemicals tanker just above the Verrazano-Narrows and were holding the region hostage. The tanker had two separate but stable chemical cargoes which, when mixed, would become a city-leveling mass destruction explosive. The scenario fully engaged in play the metropolitan area’s highest-level federal, state, and local decision-makers. The TTX outcome was considered a success but remains one of only a few that have been run.
Funding challenges are compounded when there are misunderstandings about natural disasters versus terrorist-related disasters. Baker pointed out that terrorism, which requires a presidential declaration for appropriation of funds, does not qualify for the Stafford Act, which typically falls under natural disasters. As such, expected funding may not be available. In such cases, the economic impact becomes exponential, so volunteers become even more critical.
Another way to bridge the gap between agencies and organizations is to use standards and procedures such as the Incident Command System (ICS) and the National Incident Management System (NIMS), which offer free online training to build continuity between agencies and organizations. As such, many incidents have become ICS driven. Baker noted that, in one Texas team leader course for preventing radiological and nuclear disasters, part of the training involved building an incident action plan and ensure the ICS/NIMS forms are filled out correctly. Mussorfiti added that, although NIMS compliance is needed for some funding, OSHA, NFPA-475, and other documents could provide critical backing for resource and equipment needs that could help build resilience.
Resilience and incident response, of course, are not the same. Bruce stated that he believes major incident responses are done well, but resilience involves putting systems in place to prevent incidents from having such a large impact. When considering resilience and interdependencies, Bruce said, “We still have large gaps to overcome…. We need to build robust systems that can flex around an incident.” As an example of misunderstanding resiliency, he described an incident in the Port Authority Bus Terminal that prevented buses from entering. This is an example of a short-term response effort by redirecting the buses, but he would not consider that a resiliency program.
Resilience looks at how robust the system is and how much an incident will affect the system. Robert Bradley, battalion chief (retired) at Middletown CT Fire Department and a senior instructor at Louisiana State University and National Center for Biomedical Research and Training, described one challenge with meetings and training: emergency managers and emergency responders go to critical incidents in the initial phase, and then go home, while others are tasked with rebuilding and recovering. The missing steps are identifying, connecting (and staying connected) with, and getting the infrastructure and other private sector people involved. Building these relationships can be difficult because their time and systems cost money, but long-term resilience and long-term cost savings are difficult without it.
“The bulk of risk agencies carry often comes from a lack of resilience, making unique assets more critical to their operations,” said Bruce. Though entities charged with developing infrastructure do consider resilience, they may benefit from further coordination on resiliency with emergency preparedness and response communities. Bradley agreed that gap analyses can help identify training components, but they too need to be expanded and built upon.
A lot of mass transit infrastructure is aging or old and, regardless of the type of incident, outdated infrastructure has an impact. Without fixing and updating these structures and standards, some response efforts cannot be as effective.
Information Sharing
“Effective resiliency requires effective redundancy,” said Tim Stickler, director of CBRNE protection technology at Federal Resources. This statement could be applied to equipment and other resources, funding streams, and information sharing. Interdependencies and resilience efforts have ripple effects across the country, even when incidents are local. The intelligence community is moving rapidly to address these concerns.
After an incident, restoring operations begins immediately. However, when a major event occurs, each agency puts out perspectives from its agency. As a result, too much information can become “white noise,” said Cook. There needs to be a determination of what is considered “good intelligence.”
There has been a maturing of the intelligence sector, which now realizes that capabilities exist within many different sources. Bruce has noticed that the “walls” between intelligence and law enforcement have been coming down. However, distributing information to the lowest level can still be challenging. The goal is to get as much information to the boots on the ground. To do so, commanders need to be able to share information whenever needed. Therefore, ensuring that operations and intelligence work closely is critical, so that information is unified and sent with a common purpose.
There is enough information at the unclassified level that can be shared to successfully steer operations and inform situational awareness. There has been growth on the operations side as well. Commanders and officers now understand that intelligence is a two-way flow of information, which is critical to improving both intelligence collection and dissemination.
Technological & Regulatory Influences
The roundtable discussion then turned to the feasibility of a cyberattack on mass transit and the steps that have been taken to prevent an attack. In the rail industry, cyber influences can often be overlooked. It is easy to remember bombs and other physical threats, but cyberthreats are not always at the forefront of planning efforts. How people prepare for cyberthreats can vary significantly as well. Black, who is also a member of the InfraGard’s EMP Special Interest Group, stated that cyberattacks certainly are feasible because of the integrated systems of computers, communications, and the national electricity grid.
Although the threat is real, there are actions that individuals can take to mitigate the threat. On the ground level, for example, each person has a responsibility to not expose passwords, which can invite threats. Password protection and two-factor authentication on computers and keypads guard critical information. Protecting credit cards and other financial information is also a significant concern.
Years ago, operational and business systems were isolated and separate systems. However, since the 1980s and increasingly over time, these systems became interdependent and interoperable. This integration provides multiple areas of risk and potential attack. The increasing use and integration of third-party providers and unauthenticated systems create vulnerability because access to one system may provide access to another. With the “internet of things,” an accounting of transactions is required, but security elements have not been stressed. More security requirements – including multi-factor authentication, mandating third-party access requirements, and other protections to reduce cyberrisks – are needed. The points of entry for cyberthreats are numerous, so security gaps need to be addressed. A May 2016 report conducted by the Preparedness Leadership Council International provides some recommendations.
Resilience can be expensive when done in retrospect, but it can be relatively inexpensive if built into the structure and process upfront. Fixing the problem is a challenge because, “When it’s everybody’s problem, it’s nobody’s problem,” said Lockwood. However, Lockwood did provide the following suggestions:
- Determine how the public and private sectors are structured to share information
- Create opportunities to get cyber leaders together to talk in trusted environments
- Include cyber-related issues and private sector within exercises
- Identify gaps in information sharing, common understanding of risk, prevention, resiliency, and recovery strategies
- As cyberthreats change, change cyberprotection as well
- Promote minimum requirements and understanding of contractual requirements for third-party organizations
- Encourage adoption of security guidelines and standard requirements
- Offer internships as cyber analysts in fusion centers
- Understand that each person must take some responsibility
Key Takeaways
Passenger rail security has to adapt as threats against railroads and the surrounding areas evolve. The roundtable participants discussed various threats that could affect the rail system and possible solutions for closing security and resilience gaps. Some of the key takeaways from the Emerging Threats to Passenger Rail Infrastructure roundtable discussion include:
- Terrorist tactics are shifting – Through outlets like Inspire magazine, terrorists have overtly expressed an interest in targeting and disrupting rail travel, and have provided instructions on how to do so. Lone actors with conventional weapons are more likely than large-scale chemical and biological attacks.
- Threat perceptions can influence incident scale – When people do not recognize a threat (e.g., a toxic plume), they may not take measures to avoid it or may even approach it. Similarly, better education, warning systems, and information sharing could lessen any threat’s impact.
- Non-rail threats can become rail threats – When areas surrounding rail infrastructure are compromised, it can have cascading effects on the rail system. Similarly, secondary threats like contaminants can be transported quickly via rail, thus expanding the incident.
- Small threats can become big threats – A threat to a small rural station can lead to consequences throughout the rail network. In addition, a cyberattack within the rail system can affect traffic patterns and payment systems, cause significant delays and closures, and influence operations of other agencies and organizations in the surrounding area.
- CBRNE detection needs more integration – CBRNE detection measures have been implemented in some high-risk areas, but it is not possible to have specialized teams and equipment in all areas of mass transit. Better integration between hazmat teams and other responders would serve as a force multiplier in early identification of potential threats.
- Planning gaps increase risk – Planning involves a never-ending cycle of assessing, learning, implementing, sharing, and re-assessing. Risk assessments, best practices, MOAs, and two-way communication are just a few ways to help close planning gaps.
- Public awareness continues to be a challenge – With the broad use of technology such as cellphones and tablets, situational awareness may not be practiced and potential threats may go unnoticed. Pushing information to the public does not guarantee that the public will hear it. Repetition is key and messaging from multiple agencies must be coordinated.
- It is better to build in resilience than to retrofit it – The rail infrastructure is aging and sections will soon need to be replaced. Decision makers should be proactive and consider long-term resilience versus short-term cost savings. Lack of resilience creates risk.
- Decision makers need to be involved in training – Senior-level stakeholders understand their roles and responsibilities during daily operations, but they also must be aware of how these can change during critical incidents. Smaller, more frequent training may engage them more easily than large-scale exercises.
Conclusion
Passenger railroads could be a desirable target for terrorists because of the high-volume of passengers and interconnected rail lines that span the nation. The ripple effect of a cyberattack on the ticketing system, a conventional attack in a busy train station, or a biothreat in a train car could have devastating consequences. The intelligence, law enforcement, and transit communities are adapting to address these and emerging threats, but terrorists continue to evolve their tactics with each new security effort. Risk assessments, interagency and public-private partnerships, cybersecurity measures, CBRNE detection technology, training at all levels, information sharing, and long-term planning are ways to build resilience and security into the rail infrastructure.
DomPrep would like to thank Federal Resources, who sponsored the 9 January 2018 roundtable discussion in New York. Also a special thanks to all those who participated in that discussion, upon which this white paper is based. The participants who contributed to this important discussion include but are not limited to the following:
Bobby Baker, Captain, WMD/HAZMAT Coordinator, Dallas Fire Rescue, Special Operations
Robert Black, Senior Associate/Operations, Applied Integrated Security
Robert Bradley, Battalion Chief (Retired), Middletown CT Fire Department, and Senior Instructor, Louisiana State University, National Center for Biomedical Research and Training
Joseph Brandine, Manager, Chem, Bio, Rad Security Programs, , Metro-North Railroad
Edward Bruce, Director of Intelligence, New Jersey Transit Police Department
James Cook, Inspector, Amtrak Police Department
Patrick Dempsey, Senior Sales, Federal Resources
Chuck Frank, Director, AA/BA Undergraduate Program, Emergency Management & Business Continuity, Metropolitan College of New York
Michael Gray, Adjunct Faculty, Global Business and Transportation Department, Maritime College, State University of NY
Thomas Lockwood, Board Member, Secure Technology Alliance
Rick Mathews, Public Service Professor, Department of Public Administration & Policy, University of Albany, and Principal of The Mathews Group LLC
Sebastian McClendon, CBRN Project Manager, The Port Authority of New York & New Jersey
Ken Metz, Inspector, Amtrak Police New York Penn Station
Art Mogil, Lieutenant, New York Police Department
Tony Mussorfiti, Lieutenant (Ret.), Fire Department of New York, and current member of Advisory Council for Commissioner Nigro of the FDNY
Aaron Poynton, Executive, Federal Resources
Anita Sher, Assistant Commissioner, Training & Exercise Division, New York City Emergency Management Department
Tim Stickler, Director of CBRNE Protection Technology, Federal Resources
Erica Wolfkill, Manager: Federal Government and Critical Infrastructure, Federal Resources
Emerging Threats to Rail Infrastructure: Part II, Passenger
With millions of passengers travelling each day by rail and subway in the United States alone, the passenger rail industry and the communities they serve are faced with difficult safety and security challenges – from equipment failures to terrorist attacks. A whole community approach is needed to address these challenges, to understand the threats and consequences, and to promote a culture of resilience.
A roundtable held in New York on 9 January 2018 examined current issues and progress regarding this important topic from government and private sector experts. Key discussion points included current threats, vulnerabilities, consequences, and interdependencies that need to be addressed in order to avoid or mitigate a potentially catastrophic incident:
The January roundtable and its key takeaways continue the discussion that began in Washington, D.C., on 10 October 2017. At the October meeting, Joseph Trindal moderated a discussion on Emerging Threats to Rail Infrastructure: Part 1, Freight. Those subject matter experts noted the similarities and differences between threats to freight and passenger rail. The freight rail discussion raised significant concern for hazardous materials, military transport, critical infrastructure, communications, and cybersecurity. Although all of these issues are applicable to the passenger rail industry as well, there is one significant difference – people.
Passenger rail incidents increase the possibility of mass casualties, the need for public information sharing, and the importance of public situational awareness. As demonstrated in 2015 by three Americans, a French national, and a Briton travelling to Paris, situational awareness and quick action before law enforcement arrives could save lives. After the gunman opened fire in that train, these passengers subdued the suspect, provided first aid to victims, and shared valuable information about the incident to law enforcement. Unlike freight rail, the public plays a more significant role and must be included as a key partner in the planning process. Similarly, other rail passengers may find themselves someday pushed into the role of “first responder” when an incident occurs in transit. As such, incident awareness is critical even when formal training is lacking.
In addition to terrorist-related attacks, three recent Amtrak incidents – collision with a dump truck in Washington in December 2017, train derailment in Virginia in January 2018, and collision with a freight train in February 2018 – have gained national attention. Such incidents have brought public attention to the need for improvements in the rail infrastructure, protocols, and technology such as positive train control. Although public and congressional debate has been spurred by these events, the rail industry has been taking steps to address safety and security gaps for years. For example, in June 2015, Southern California’s Metrolink was the first passenger rail system to implement a positive train control system across its entire network. In addition, Amtrak provides free training through its Operation RAILSAFE (Regional Alliance Including Local, State And Federal Efforts) program to local stakeholders to help build awareness among planners, responders, and the passengers who may one day be affected.
Intelligence & Security Concerns
Al-Qaida recently published the 17th volume of its Inspire magazine. This issue is dedicated to exploiting the U.S. rail networks for attack. Their goal is to steer potential lone actors and disconnected violent extremists to target rail systems, which includes the passenger rail network. This specific threat underscores the need for the U.S. rail transportation industry to maintain and strengthen partnerships with federal, state, and local authorities.
To begin the 9 January 2018 discussion, the moderator – James Cook, inspector in the Amtrak Police Department – put the rail security challenge into perspective with regard to financial investments. According to his former boss, he quoted, “The government spends billions of dollars to protect millions of passengers in air travel, while spending millions to protect billions of passengers in the mass transit world.” Even though passenger rail threats have, to date, been more frequent outside the United States, threats of attack from terrorist groups have heightened across all developed countries. Two recent attacks did not reach their full intended potential, but still gained broad attention worldwide: (1) in August 2015, a man opened fire with an assault riffle in a train traveling to Paris, France; and (2) in December 2017, a suspect inspired by the Islamic State (IS) group detonated a pipe bomb in the New York subway.
A shift in terrorist tactics makes early detection of such threats more difficult. Large-scale coordinated attacks using chemical and biological weapons are less common than those of lone actors employing guns, knives, and improvised explosive devices against open public space targets, as demonstrated by the Islamic State of Iraq and the Levant (ISIL). However, no tactic should be overlooked. Edward Bruce, director of intelligence for the New Jersey Transit Police, shared some insight into current and emerging threats to mass transit, which can be categorized into four groups: international terrorism, homegrown violent extremists, domestic terrorism, and single-issue extremists/lone offenders.
Whether working as an organized group or as a radicalized individual without direct affiliation with a terrorist organization, the type of weapon used influences the potential scale of the event. While the use of explosives, small arms, edged weapons, and vehicles ramming pedestrians remains the prominent concern for mass transit, Bruce mentioned a potential future threat of ISIL-inspired extremists desiring to use simple improvised chemical dispersal devices, as demonstrated in a recent plot from Australia. He explained that the plume from an improvised chemical device could be perceived as a fire-based smoke condition, which could put even more people in danger, due to a misunderstanding on how to effectively respond. Furthermore, with the rise of ISIL to prominence in 2013 and 2014, threats do not have to be transportation specific to be a concern to mass transit. Threats to any open public space venues at or near mass transit stations would raise the threats to mass transit as well – as demonstrated by the attack on the Manchester Arena, which was co-located with Victoria Rail Station. Homegrown violent extremists remain mass transit’s number one threat. However, it has become increasingly difficult to collect intelligence on single-issue extremists and lone offenders who operate in an isolated manner. It is probable that intelligence on a single issue extremist or lone offender will be gathered by an employer’s human resources department or by the subject’s family and friends before law enforcement. People closest to that individual are likely to be the first to detect a potential threat.
Michael Gray, adjunct faculty in the Global Business and Transportation Department at the State University of New York, expressed a growing concern about ramming incidents and attacks outside hardened security areas. For example, in November 2014, a man drove a car into a crowd of people near a light rail station in Jerusalem. In May 2017, a suicide bomber attacked a crowd at an Ariana Grande concert in Manchester – British Transport Police officers and Northern Rail employees were among the first to respond. In Istanbul, where security at checkpoints has been increased, terrorists simply began moving their efforts to target crowds outside the security checkpoints.
Threat Mitigation
Information sharing and understanding cascading effects of even small incidents can help minimize security gaps. With much focus on large-scale, unconventional, less-frequent incidents, simpler tactics that are quick, easy, and productive can more easily breach security efforts such as targeted passenger screening and magnetometers. “There is currently no screening system that will screen everyone in a mass transit environment and to attempt to implement airport-style screening on mass transit would remove the ‘mass’ from mass transit,” said Bruce. He further noted that, everyday in mass transit, the passenger levels are equivalent to or greater than a large-scale event held at a stadium or outdoor event. Any station can be a target, with times and locations of trains publicly posted. Yet, even a small incident can have a widespread devastating impact.
Thomas Lockwood, board member of the Secure Technology Alliance, highlighted that, for many people, cybersecurity is perceived as isolated and personal nuisance issues. Many do not understand potential impacts of business enterprise as well as operational products and services. For example, a brief disruption in payment systems can nearly instantly stop the flow of people and traffic; or an attack on enterprise can stop communication, information sharing, and situational awareness. For regional transportation authorities, if a system cannot be used because payments cannot be made, it would result in a significant effect on mass transport. “Big issues like terrorism are a concern, but everyday small issues like malware can have a significant impact,” said Lockwood. He warned that systems today are not as isolated as they used to be, and the risks posed are critical. This is especially important for maintaining public confidence in the mass transit system.
In addition to the cascading effects of a brief cyberthreat, secondary threats can spread rapidly via mass transit. For example, biological and chemical agents pose threats to outliers, when a contaminated person travels to other locations, potentially spreading the incident to other jurisdictions. Roundtable participants agreed that boots on the ground need to know what to do in such circumstances, but building public awareness is a challenge. With regard to public awareness efforts, Bruce said, “It’s not just a question of how effectively it is sent out, but how effectively it is heard.” Mass transit providers focus on transporting people to their locations quickly, efficiently, and safely, while many commuters spend the time occupied with their electronic devices, wanting to just “enjoy the ride.” Attitudes like this may hinder reception of public awareness efforts. The “See Something, Say Something,” which began in mass transit, is effective, but only with an alert public.
Heightened awareness is especially important to detect precursors – or preparatory training – for a larger attack. Mass transit is inherently a complex environment with high-value targets that need to be protected. Joseph Brandine, manager of Chem, Bio,Rad Security Programs for Metro-North Railroad, stated that creating a modular “system of systems” is a good plan. However, since many detection system vendors still operate independently and proprietarily, a faster common operation software integration process is needed to address a system-wide development. Sebastian McClendon, CBRN project manager for The Port Authority of New York and New Jersey, agreed that better integration is needed to address a potential system-wide, cascading issue.
As an intelligence officer for mass transit law enforcement, Bruce has to consider both perspectives. From an intelligence standpoint, he explained that the intelligence community tends to focus on predominant (asymmetric) threats. Although adjusting focus to emerging threats can sometimes be slow, the intelligence community (both the U.S. Intelligence Community and law enforcement intelligence) is getting much better at adapting to a dynamic threat environment. From a mass transit standpoint – no matter what the incident is – terrorism becomes the initial concern and must be ruled out first, and then the focus can move down to lesser threats. It is much more difficult to shift from a smaller criminal concern to a larger terrorist concern.
CBRNE Threats & Assets
Cook raised the question about whether New York transit agencies have the resources in place to combat current threats in chemical, biological, radiological, nuclear, and high-yield explosive (CBRNE) domains. Brandine of Metro-North Railroad stated that, since 2004 when the Republican National Convention was hosted in New York City, the city has had a complex detection system in Penn Station and Grand Central Station. This system helps the metro system meet its protection goal, but funding is an ongoing challenge. On the law enforcement side, Lt. Art Mogil of the New York Police Department, stated, “We will never have enough resources to protect all transit stations.” He described how the city has 472 stations, each with multiple entrances, plus roughly 700 miles of track. With that in mind, he said it is necessary to conduct protective operations selectively based on intelligence, population density, etc.
Bobby Baker, captain and WMD/hazmat coordinator for Dallas Fire Rescue’s Special Operations, stated that Dallas does not have a dedicated hazmat team. Although a report he cited showed that not having such a team increases risks, early identification and classification of agents can mitigate secondary threats. An integrated planning approach can bridge the “silos” (e.g., between firefighters and police officers), which make it more difficult to identify threats before or in the early stages of an incident. For example, he described a scenario where an active shooter could be used as a diversionary tactic to spread contaminants by sending contaminated victims to hospitals that are not equipped with CBRNE detection equipment. He stated that CBRNE detection should be deployed and positioned outside patient receiving facilities.
Tony Mussorfiti, lieutenant (retired) of the Fire Department of New York (FDNY), described HazMat Company 1, FDNY’s dedicated hazmat team, which includes seven technician specialists and an officer, and has been in operation since 1984. The team was proficient in the handling of hazardous materials, but – after the Tokyo subway sarin attack committed on 20 March 1995 by members of the cult movement Aum Shinrikyo – the members of HazMat 1 needed to develop procedures on how to handle contaminated victims as well. To address that concern, the team used a “tiered response” (mission-specific), with specialized units to assist with rescue, recovery, and other tasks. Today, the team plays a key role in deterring terrorist incidents and lessening the consequences.
Measuring Risk & Deploying Assets
The response to low-frequency, high-consequence events needs to be more proactive than reactive, which includes rapid deployment of assets. To facilitate rapid deployment, assets need to be available and plans in place well in advance of the incident. “We don’t watch a bunch of houses burn down before we install smoke detectors,” said Baker to emphasize the point that an incident that could be mitigated with the proper resources can turn catastrophic without them.
The question is how to measure risk and determine where to deploy assets. Just a few of the numerous risk factors include the quantity of people affected, impact on the economy, and criticality within the overall system. With regard to counterterrorism and risk management, Bruce stated, “Threat is a frequency issue, but risk is a larger cost and response issue. Threat is one factor of risk.” He explained that a threat may be something that is likely to occur, but when considered alone, it might not tie into the vulnerabilities or address the consequences (e.g., cost to mitigate). When addressing a high-consequence concern, it is critical for intelligence-led agencies to balance resource allocations by considering the use of risk-based planning.
Planning gaps related to risk (e.g., updating protocols, coordinating with neighboring jurisdictions) must be addressed. Ken Metz, inspector for Amtrak Police New York Penn Station, described how his agency performs risk management for certain buildings, listens to intelligence reporting, considers baselines and best practices, learns about emerging threats, and then re-evaluates these facilities. Even when the railways themselves are not affected, an incident can affect the finances of the company, people entering the buildings, and how people travel. When a new threat is introduced, he said it is time to re-evaluate the trains, stations, or yards to ensure the threat is mitigated.
Stakeholder Roles, Partnerships & Information Sharing
The next topic of discussion turned to the roles that stakeholders play, their partnerships, and the way they share information. “The relationship factor is where things go forward,” said Baker.
According to Metz, Amtrak works with a lot of state and local partners through Operation RAILSAFE. The concept of this alliance is to increase the number of law enforcement officers at stations, which provides an opportunity for the officers to exercise their counterterrorism and incident response capabilities. Such networking efforts also promote higher involvement as needed when an incident occurs. Being able to see each other and work together on a regular basis improves stakeholder involvement.
Fusion centers and the Federal Bureau of Investigation’s (FBI) Joint Terrorism Task Force (JTTF) help to build relationships within the intelligence community. The FBI also has a rail security coordinators program, where each FBI office has a rail security coordinator within the JTTF. This coordinator ensures that connections and intelligence are shared with the right people. In New York, integrating the fire services into the JTTF has also improved coordination for responses.
Constant communication and networking are critical at the tactical level as well. Spearheaded by the NYPD, Mogil described how the Securing the Cities Program helped identify a gap in capabilities. As a result, the program implemented common equipment, settings, training, and terminology, which facilitate the intelligence-sharing process. By communicating frequently, gaps in resources can be identified early, and mutual aid can be implemented efficiently.
With much of the discussion focused on New York City, Rick Mathews, Public Service Professor at the University of Albany, pointed out that mass transit discussions often focus on big city assets. However, much of the rail transit system goes through small and rural areas, where jurisdictions may not train as well together at the group level. Interoperability needs to be encouraged across both large and small jurisdictions. He noted that plans for an attack on mass transit within a big city like New York would encounter barriers already in place. However, lack of such barriers in less populated areas would have greater vulnerabilities (e.g., a terrorist boarding a train in a small unguarded station and traveling into a large, heavily populated station).
Even with Amtrak’s outreach efforts across the jurisdictions that rail lines cross, repetition is critical. Metz said that, “Doing it once does not mean success. It needs to be done repeatedly.” Chuck Frank, director of emergency management and business continuity at Metropolitan College of New York, said that his university uses a “constructive action” process to help create and implement emergency plans. However, he also noted that stakeholders may reprioritize changes based on what is perceived as the greatest threats and risks, rather than what the greatest threats actually are. For example, the Inspire magazine article on rail threats captures the public’s imagination, but actions to mitigate them without using a holistic approach may be misguided.
In addition to different perceived risks and threats, each state and jurisdiction has a different way of conducting operations. Although these differences need to be recognized – especially considering that rails and buses transverse jurisdictions – agencies cannot wait for training before they become well acquainted with other key stakeholders.
After 9/11, fusion centers helped stakeholders understand roles and request information and protocols, but key interdependencies are sometimes underestimated. Withholding information or releasing it at the wrong time can have significant impacts. Similarly, releasing different organizational perspectives can cause further disruption. It is important to think about how people understand basic incident management coordination and information sharing because, as Lockwood witnessed in several incidents, the private sector has yet to embrace or be fully integrated into the process.
Strategic alliances and partnerships are one way to address the issue that every agency lacks some resources. Robert Black, senior associate of operations at Applied Integrated Security, shared the example of the U.S. Coast Guard (USCG) having operational and strategic memoranda of agreement (MOAs) with many local communities to fill capability gaps and to build force multipliers (e.g., law enforcement functions, environmental protection and enforcement, critical infrastructure security).
Similarly, Amtrak’s Operation RAILSAFE addresses security over the ground, air, and water through alliances with state and county aviation units. Through these partnerships, law enforcement officers gain coverage from an aerial perspective while using the opportunity to educate the pilot and copilot on law enforcement aspects of the rail system. Amtrak also has maritime alliances with the USCG and other law enforcement agencies.
Bruce stated that it would be difficult to respond to a law enforcement incident in New Jersey without having to work well with other agencies. Cooperation and joint operations are critical. As such, coordination is imperative. The NJ Transit Police Department regularly coordinates with Amtrak PD, MTA PD, PAPD, NJ State Police, NJ OHSP, FBI, TSA, DHS, and many other key stakeholders. From the law enforcement and emergency response perspectives, the jurisdictional conflicts seen in past decades are in the past, and the concepts of joint operations and unified command are integrated into daily operations.
Resilience Drivers
Roundtable participants then discussed how agencies should consider how they would continue functioning when one rail line or one operational component is removed. For example, one previous Amtrak incident had an ultimate $45-million impact on the U.S. economy. For a systems architecture, the process needs to build in both security and resilience to avoid having a single point of failure.
It is difficult to retrofit resilience. For example, although some train tunnels need repair, there would be significant economic impacts if one were to be shut down temporarily (which could be for years) for repair. Law enforcement officers, for example, do not build the tracks, but they are tasked with ensuring that the security process is streamlined across various jurisdictions. Getting critical assets to the scene when there is resistance to move those assets can be facilitated with the right planning and networking (e.g., police escorts for concrete trucks to lessen red tape delays).
Many decision makers do not participate in high-level exercises, even though they are involved in strategic decision-making during an incident. The problem is determining how to create a good mechanism to make these decisions, and exercise and train the decision makers. This includes having a government structure that embraces volunteers to overcome funding gaps and overwhelmed agencies. This was seen during Hurricane Harvey in 2017, when the Cajun Navy filled the response gaps despite not being included in the disaster planning process.
The NYC Emergency Management Department streamlines its decision-making process by working closely with all city agencies, nonprofit and nongovernmental organizations, and state and federal agencies. In addition to traditional stakeholders, NYC Emergency Management also works with Community Emergency Response Teams (CERT), Voluntary Organizations Active in Disaster (VOAD), and its Ready New York program to promote volunteerism within the city. “Volunteers are the richest resource,” said Anita Sher, assistant commissioner for the Training & Exercise Division at NYC Emergency Management. To address gaps in training the decision makers, NYC Emergency Management has moved away from large-scale exercises to smaller more-frequent training and tabletop exercises. This approach brings in senior-level people to help them better understand their obligations and roles during critical incidents.
Black mentioned a high-level tabletop exercise (TTX) that was held by USCG Sector NY, notably involving the Mayor’s Office, NYC OEM, the Captain of the Port, the Port Authority heads, top level law enforcement, and senior emergency responders, among others. In the TTX scenario, hijackers had seized a chemicals tanker just above the Verrazano-Narrows and were holding the region hostage. The tanker had two separate but stable chemical cargoes which, when mixed, would become a city-leveling mass destruction explosive. The scenario fully engaged in play the metropolitan area’s highest-level federal, state, and local decision-makers. The TTX outcome was considered a success but remains one of only a few that have been run.
Funding challenges are compounded when there are misunderstandings about natural disasters versus terrorist-related disasters. Baker pointed out that terrorism, which requires a presidential declaration for appropriation of funds, does not qualify for the Stafford Act, which typically falls under natural disasters. As such, expected funding may not be available. In such cases, the economic impact becomes exponential, so volunteers become even more critical.
Another way to bridge the gap between agencies and organizations is to use standards and procedures such as the Incident Command System (ICS) and the National Incident Management System (NIMS), which offer free online training to build continuity between agencies and organizations. As such, many incidents have become ICS driven. Baker noted that, in one Texas team leader course for preventing radiological and nuclear disasters, part of the training involved building an incident action plan and ensure the ICS/NIMS forms are filled out correctly. Mussorfiti added that, although NIMS compliance is needed for some funding, OSHA, NFPA-475, and other documents could provide critical backing for resource and equipment needs that could help build resilience.
Resilience and incident response, of course, are not the same. Bruce stated that he believes major incident responses are done well, but resilience involves putting systems in place to prevent incidents from having such a large impact. When considering resilience and interdependencies, Bruce said, “We still have large gaps to overcome…. We need to build robust systems that can flex around an incident.” As an example of misunderstanding resiliency, he described an incident in the Port Authority Bus Terminal that prevented buses from entering. This is an example of a short-term response effort by redirecting the buses, but he would not consider that a resiliency program.
Resilience looks at how robust the system is and how much an incident will affect the system. Robert Bradley, battalion chief (retired) at Middletown CT Fire Department and a senior instructor at Louisiana State University and National Center for Biomedical Research and Training, described one challenge with meetings and training: emergency managers and emergency responders go to critical incidents in the initial phase, and then go home, while others are tasked with rebuilding and recovering. The missing steps are identifying, connecting (and staying connected) with, and getting the infrastructure and other private sector people involved. Building these relationships can be difficult because their time and systems cost money, but long-term resilience and long-term cost savings are difficult without it.
“The bulk of risk agencies carry often comes from a lack of resilience, making unique assets more critical to their operations,” said Bruce. Though entities charged with developing infrastructure do consider resilience, they may benefit from further coordination on resiliency with emergency preparedness and response communities. Bradley agreed that gap analyses can help identify training components, but they too need to be expanded and built upon.
A lot of mass transit infrastructure is aging or old and, regardless of the type of incident, outdated infrastructure has an impact. Without fixing and updating these structures and standards, some response efforts cannot be as effective.
Information Sharing
“Effective resiliency requires effective redundancy,” said Tim Stickler, director of CBRNE protection technology at Federal Resources. This statement could be applied to equipment and other resources, funding streams, and information sharing. Interdependencies and resilience efforts have ripple effects across the country, even when incidents are local. The intelligence community is moving rapidly to address these concerns.
After an incident, restoring operations begins immediately. However, when a major event occurs, each agency puts out perspectives from its agency. As a result, too much information can become “white noise,” said Cook. There needs to be a determination of what is considered “good intelligence.”
There has been a maturing of the intelligence sector, which now realizes that capabilities exist within many different sources. Bruce has noticed that the “walls” between intelligence and law enforcement have been coming down. However, distributing information to the lowest level can still be challenging. The goal is to get as much information to the boots on the ground. To do so, commanders need to be able to share information whenever needed. Therefore, ensuring that operations and intelligence work closely is critical, so that information is unified and sent with a common purpose.
There is enough information at the unclassified level that can be shared to successfully steer operations and inform situational awareness. There has been growth on the operations side as well. Commanders and officers now understand that intelligence is a two-way flow of information, which is critical to improving both intelligence collection and dissemination.
Technological & Regulatory Influences
The roundtable discussion then turned to the feasibility of a cyberattack on mass transit and the steps that have been taken to prevent an attack. In the rail industry, cyber influences can often be overlooked. It is easy to remember bombs and other physical threats, but cyberthreats are not always at the forefront of planning efforts. How people prepare for cyberthreats can vary significantly as well. Black, who is also a member of the InfraGard’s EMP Special Interest Group, stated that cyberattacks certainly are feasible because of the integrated systems of computers, communications, and the national electricity grid.
Although the threat is real, there are actions that individuals can take to mitigate the threat. On the ground level, for example, each person has a responsibility to not expose passwords, which can invite threats. Password protection and two-factor authentication on computers and keypads guard critical information. Protecting credit cards and other financial information is also a significant concern.
Years ago, operational and business systems were isolated and separate systems. However, since the 1980s and increasingly over time, these systems became interdependent and interoperable. This integration provides multiple areas of risk and potential attack. The increasing use and integration of third-party providers and unauthenticated systems create vulnerability because access to one system may provide access to another. With the “internet of things,” an accounting of transactions is required, but security elements have not been stressed. More security requirements – including multi-factor authentication, mandating third-party access requirements, and other protections to reduce cyberrisks – are needed. The points of entry for cyberthreats are numerous, so security gaps need to be addressed. A May 2016 report conducted by the Preparedness Leadership Council International provides some recommendations.
Resilience can be expensive when done in retrospect, but it can be relatively inexpensive if built into the structure and process upfront. Fixing the problem is a challenge because, “When it’s everybody’s problem, it’s nobody’s problem,” said Lockwood. However, Lockwood did provide the following suggestions:
Key Takeaways
Passenger rail security has to adapt as threats against railroads and the surrounding areas evolve. The roundtable participants discussed various threats that could affect the rail system and possible solutions for closing security and resilience gaps. Some of the key takeaways from the Emerging Threats to Passenger Rail Infrastructure roundtable discussion include:
Conclusion
Passenger railroads could be a desirable target for terrorists because of the high-volume of passengers and interconnected rail lines that span the nation. The ripple effect of a cyberattack on the ticketing system, a conventional attack in a busy train station, or a biothreat in a train car could have devastating consequences. The intelligence, law enforcement, and transit communities are adapting to address these and emerging threats, but terrorists continue to evolve their tactics with each new security effort. Risk assessments, interagency and public-private partnerships, cybersecurity measures, CBRNE detection technology, training at all levels, information sharing, and long-term planning are ways to build resilience and security into the rail infrastructure.
DomPrep would like to thank Federal Resources, who sponsored the 9 January 2018 roundtable discussion in New York. Also a special thanks to all those who participated in that discussion, upon which this white paper is based. The participants who contributed to this important discussion include but are not limited to the following:
Bobby Baker, Captain, WMD/HAZMAT Coordinator, Dallas Fire Rescue, Special Operations
Robert Black, Senior Associate/Operations, Applied Integrated Security
Robert Bradley, Battalion Chief (Retired), Middletown CT Fire Department, and Senior Instructor, Louisiana State University, National Center for Biomedical Research and Training
Joseph Brandine, Manager, Chem, Bio, Rad Security Programs, , Metro-North Railroad
Edward Bruce, Director of Intelligence, New Jersey Transit Police Department
James Cook, Inspector, Amtrak Police Department
Patrick Dempsey, Senior Sales, Federal Resources
Chuck Frank, Director, AA/BA Undergraduate Program, Emergency Management & Business Continuity, Metropolitan College of New York
Michael Gray, Adjunct Faculty, Global Business and Transportation Department, Maritime College, State University of NY
Thomas Lockwood, Board Member, Secure Technology Alliance
Rick Mathews, Public Service Professor, Department of Public Administration & Policy, University of Albany, and Principal of The Mathews Group LLC
Sebastian McClendon, CBRN Project Manager, The Port Authority of New York & New Jersey
Ken Metz, Inspector, Amtrak Police New York Penn Station
Art Mogil, Lieutenant, New York Police Department
Tony Mussorfiti, Lieutenant (Ret.), Fire Department of New York, and current member of Advisory Council for Commissioner Nigro of the FDNY
Aaron Poynton, Executive, Federal Resources
Anita Sher, Assistant Commissioner, Training & Exercise Division, New York City Emergency Management Department
Tim Stickler, Director of CBRNE Protection Technology, Federal Resources
Erica Wolfkill, Manager: Federal Government and Critical Infrastructure, Federal Resources
Catherine L. Feinman
Catherine L. Feinman, M.A., joined Domestic Preparedness in January 2010. She has more than 35 years of publishing experience and currently serves as editor-in-chief of the Domestic Preparedness Journal, DomesticPreparedness.com, and The Weekly Brief. She works with writers and other contributors to build and create new content that is relevant to the emergency preparedness, response, and recovery communities. She received a bachelor’s degree in International Business from the University of Maryland, College Park, and a master’s degree in Emergency and Disaster Management from American Military University.
SHARE:
TAGS:
COMMENTS
RELATED ARTICLES
TRENDING
September 2024
Article Out Loud – Malicious and Non-Malicious Cyber Incidents: Education and Preparation
Article Out Loud – Tren de Aragua: From Prison Gang to Transnational Organized Crime Syndicate in the U.S.
RELATED ARTICLES
TRENDING
September 2024
Article Out Loud – Malicious and Non-Malicious Cyber Incidents: Education and Preparation
Article Out Loud – Tren de Aragua: From Prison Gang to Transnational Organized Crime Syndicate in the U.S.