Wed, Apr 20, 2022

Maritime Supply Chain Crisis: 6 Ways to Effectively Mitigate Port Security Risks

Last year, images of ripped-open packages stolen from cargo containers littering the tracks in Los Angeles went viral. According to Los Angeles Police Chief Michel Moore, “Guns are among the items that have been stolen from cargo containers on railroad tracks in Lincoln Heights.” The disturbance is being investigated as possibly contributing to the derailment of 17 rail cars. 

The maritime supply chain crisis gripping the U.S. started in the early months of 2021 with a flotilla of ships sitting off the coast of California and has since prompted a substantial amount of planning and logistics conversations about threat and vulnerability management from both the public and private sectors. Approaching this complex commerce situation requires new ideas along with tried and trusted practices to alleviate the problems surrounding threat mitigation and vulnerability resiliency efforts for port security directors as well as those tasked with protecting America’s supply chain in the Pacific region and nationwide.

Although the Maritime Transportation Security Act (MTSA) of 2002 is about to turn 20 years old in November, this current crisis shares many of the unique challenges faced by port security directors in 2002 working to ensure federal safety and security statutes following the attacks of 9/11. We may not be managing the response to the unprecedented attacks of 9/11, but we would be hard-pressed to meet a subject matter expert in the maritime sector who has yet to observe something as impactful to the maritime commerce and transportation sectors during the current crisis.

For example, at the Port of Los Angeles/Long Beach there exists a logistics nightmare for both the law enforcement entities who have the authority to implement the MTSA and the port security directors charged with regulatory mandates. As containers, ships, trucks and railway elements delay and back up, we are beginning to identify significant vulnerabilities in the North American supply chain. We witness these glaring vulnerabilities as trains and trucks sitting idle with valuable cargo become easy targets for criminal organizations, contributing to thinly stocked shelves and out-of-stock items at stores nationwide.

However, these threats are not new. With transportation-related criminal activity tracing back to the 1800s when Jesse James and his notorious gang of outlaws staged the world’s first robbery of a moving train, maritime and transportation sectors have always been prone to security threats. When asked why he robbed banks, the notorious bank robber Willie Sutton is credited with saying, “Because that's where the money is”. While most of the world quarantined in their houses during COVID-19, criminal organizations targeted—and continue to target—the maritime and transportation sectors, along with cyber vulnerabilities, for the same reason Willie Sutton did—because that is where the money is.

These vulnerabilities increase as public and private entities charged with mitigating threats must now deal with backed-up transportation routes in and out of their ports and ships at bay awaiting transfer of cargo, similar to what’s happening at the Los Angeles rail yard, creating potential vulnerabilities that a criminal or terrorism organization can exploit.

Several causes are contributing to the events playing out on the train tracks in Los Angeles. To name a few: lack of fencing and proper lighting, law enforcement resources stretched too thin and a depleted security guard force dedicated to the facilities. This physical environment not only lacks basic security to protect the supply chain but encourages crime and disorder. Even when efforts are made to take legal action against these modern-day train robbers, those tasked with stopping thefts and holding suspects accountable face what seems like a revolving door at the courts with repeat offenders returning unabated to continue the thefts.

A solution-oriented security strategy at the L.A. rail yards and at any location that is tasked with securing the American supply chain should consider these seven factors in their security planning. 

  • Threat assessments: An evaluation of the intent and capabilities of threat actors and actions that are most likely to adversely affect operations, personnel and/or specific assets is needed. Assessments should include past criminal and terrorist events while identifying all actual, inherent and potential threats.
  • Perimeter control: Perimeter security is designed with the primary purpose of keeping intruders out of the outermost property line. It includes manmade barriers such as walls, fences and gates, as well as natural barriers such as rivers, ravines and vegetation (e.g., thorn bushes, poison ivy). Depending on the threat level, they can be deployed with enhanced designs that include more durable material supplemented with razor wire and motion detection.
  • Security lighting: Proper lighting is essential because it deters criminals from entering the area by removing the anonymity that criminals like to maintain. They recognize that they can be more easily detected and readily identifiable on security cameras when lighting is effectively deployed. We recommend that clients consider a security lighting program that includes active lighting, passive lighting and response lighting when securing a location.
    • Passive lighting includes static fixtures, such as light fixtures connected to timers that turn on or off during scheduled times.
    • Active lighting consists of motion-activated lights that go on when movement is detected in the vicinity of the fixture.
    • Response lighting consists of high-intensity lights that are turned on by either security staff or through a technology solution in response to an observed or detected intrusion. The light is quickly deployed and floods the area with illumination that can hinder someone’s ability to see. Response lighting can include a combination of LED floodlights and spotlights coupled with strobe lights.
  • Video surveillance system: Cameras are everywhere today as we go about our daily lives. The DailyMail published a report that states Americans are recorded 238 times a week and for those who travel or work in high-security jobs that can increase to 1,000 times a week.1  In doing incident investigations for clients, we often find that cameras are either broken, not recording, not placed in the right location or unable to identify the individual due to lighting. There are also instances in which the suspects took action to defeat the video surveillance. If you already have video cameras, they need to be reviewed and enhancements may need to be added. 

Video surveillance programming: Due to camera fatigue, video surveillance systems are only effective when the proper technology is deployed effectively, and the program in which the video is utilized is maximized. If all you need is to be able to document an incident, having numerous cameras that record 24 hours a day is enough. If you are hoping to prevent something from happening, you need to ensure proper program management.

Video surveillance and camera systems have been greatly modernized, enabling law enforcement to respond to crimes more quickly. Below are some of the ways these systems have been updated:

  • Cameras have been supplemented with motion exclusion zones and thermal imaging detection to limit video events that need a response
  • Video systems are enabled with artificial intelligence (AI) and can identify actions or inactions that require real-time monitoring or responses
  • Systems can identify objects such as guns or knives when they are first detected on a video feed
  • Activity (such as someone climbing a fence) can quickly be identified and responded to Security teams can deploy a response lighting solution as well as activate a speaker to alert an intruder entering a prohibited area that they are being recorded and law enforcement has been notified
  • Security technology: Security technology includes a range of items, from access control systems, motion or vibration alarms, audio detection alarms and smart systems that enable systems to talk to each other.

Previously, helicopters could be deployed to be the “eye in the sky,” providing real-time intelligence to law enforcement or security operations. However, these deployments were costly and required dedicated resources and specially-trained personnel. A cost-effective alternative to helicopters that port security directors can consider are drones, or unmanned aircraft systems. Drone technology not only provides security managers with surveillance technology in hard-to-reach areas but also can be deployed in quick response to an incident not normally captured by a standalone camera. AI-equipped cameras allow port directors or security team members to launch a drone and monitor it on their smartphone, capturing real-time intelligence. 

In Boston, Kroll installed Shot-Spotter ballistic detection systems that alerted 9-1-1 dispatchers to gunshots seconds after they were discharged. It identified the location and number of gunshots and was able to provide the direction and speed the shooter was traveling as they discharged. We have also deployed pan-tilt-zoom Homeland security cameras, which are not fixed and can be directed at the needed location when an incident occurs. This type of camera covers potentially huge areas, but not simultaneously. The Kroll team was eventually able to unite the two technologies to allow every camera to turn toward the location the gunshots were detected to maximize the chance of capturing the suspects as they were in the act and fleeing the scene.

  • Security staffing: This can consist of security personnel with the responsibility of observing and documenting any events, enforcing policies and procedures and often providing concierge-type services. Their actions can be proactive, such as conducting set rounds, or reactive, such as responding to alarms. Technology now exists that can track the location of security vehicles as well as personnel out on foot, which can identify the closest asset that can respond to an ongoing incident. While security staffing used to be separate from the discussion of security technology, they are now intertwined with security robots being deployed to supplement security staffing programs. In South Korea, for example, “Spot” the canine-like mobile robot is used as a night patroller in factories.

Whenever a new threat to safety and security arises, it is the responsibility of private business and law enforcement to work together to develop a solution. After 9/11, airlines strengthened their cockpit doors and enlisted armed U.S. Air Marshals to accompany flights. Private entities have an obligation to secure their facilities, personnel and products. Law enforcement and elected officials need to work together with businesses and the community to provide safety and security for all. 

Source: 1.

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Business Continuity, Resilience and Disaster Preparedness

In today’s fast-paced world, disruptions can happen anytime. Kroll’s full suite of business continuity, resiliency and disaster preparedness capabilities is designed to prepare your enterprise for unexpected risks and maintain competitiveness throughout the full lifecycle of any disruption.