Note to Reader
This white paper discusses some of the security threats and solutions present in the general aviation industry. All the flights arranged by Air Planning utilize commercial operators under FAR Part 121 or Part 135. The risks cited herein are NOT present in the commercial private air charter market under which our vendors operate. This document is intended to provide insight and guidance to Part 91 flight departments and other interested parties.
Introduction
In January of 2018, the Transportation Security Administration (TSA) withdrew the proposed implementation of the Large Aircraft Security Program (LASP), a program that would have enhanced security protocols for large aircraft in the general aviation industry. Originally proposed by TSA in 2008, the LASP was directed at privately operated (Part 91) aircraft with a maximum certificated take-off weight (MTOW) above 12,500 pounds and was intended to “…enhance domestic general aviation security. The LASP would require currently unregulated general aviation operations over a specific weight threshold to adopt security measures, which would align these operations with operations currently regulated for security purposes” (Transportation Security Administration, 2008). The LASP protocols included security protocols such as vetting of crew and passengers against the “No Fly List” and mandatory armed security on private air charter flights into or from DCA / Washington, DC.
Opposition to the LASP
LASP was met with robust opposition from aviation organizations and their supporters in Congress. Their position was that existing security initiatives were sufficient, and that the additional mandates would be onerous and unnecessary. The National Business Aviation Association (NBAA) was particularly active in opposing this rule. NBAA’s president and CEO Ed Bolen commented that in the ten years since the rule has been introduced, “…the industry has demonstrated a record of compliance with very sophisticated, voluntary and mandatory security measures.” NBAA also commented that the proposed rule was “onerous and largely unworkable” (National Business Aircraft Association, 2018).
What Are the Risks?
While we agree that that an overwhelming majority of Part 91 large aircraft operators work very diligently to implement voluntary protocols to ensure the safety and security of passengers and ownership, this ignores a systemic risk concerning whether the existing regulatory framework creates opportunities for bad actors to do harm. While the industry has demonstrated an appetite for voluntary compliance with some security directives, at issue is whether the absence of specific regulations creates an unacceptable exposure to security threats not just to the operator and personnel in the air and on the ground but also to the public.
Risks are heightened as aircraft and group size increases, both from a potential damage perspective on the ground as well as the potential for a crew to be overwhelmed. With the rapid growth of Boeing and Airbus commercial aircraft being deployed for large business jet charters, more aircraft are being operated under Part 125. The Part 125 regulatory framework is essentially a Part 91 operation for aircraft with a payload of more than 6,000 pounds or more than 20 passenger seats. The same aircraft models deployed in the 911 attacks are currently operating on private Part 125 certificates. In the absence of passenger vetting that is required under Part 121 and Part 135 charter flight operations, an aircrew would be particularly vulnerable to potential terrorist activities and related acts.
What Are the Barriers to Causing Harm?
In cases where the staff who run Part 91 or 125 operations lack security training or proper oversight, these environments can easily become an opportunity for “the insider threat”. The opportunity for criminal and/or terror related acts are increased due to the less robust regulatory oversight of crew and other personnel. As a factual matter, it has already been demonstrated as to what a well-funded terror group can accomplish with their dedicated radical extremist followers. Placing an employee with nefarious intentions inside of a flight department would be neither difficult nor expensive.
We discussed the use of Part 125 aircraft for large group air charter by unrelated parties in a previous white paper, referring to this practice as the “grayest of gray areas.” These air charter operations utilize commercial aircraft that can include 767s and similarly sized aircraft, with MTOWs exceeding 200,000 pounds. A motivated party could find an unwitting Part 125 operator or a Part 91 operator to gain access to aircraft in an environment where none of the commercial security and screening protocols of Part 121 or Part 135 air charter operations are present. Such a group could in turn procure a large aircraft for their destructive acts. Recently we have seen terror evolve, domestically and abroad into the lone terrorist, lone gunman or lone attacker utilizing the more basic modes of transportation, and weapons for that matter. Aviation ground personnel are in a unique position to cause harm given their access to aircraft.
Reducing Access and Hardening Your Operation
Violent ideological adversaries look for security gaps, loop holes or weakness. Once identified, persistent and patient planning can lead to the exploitation of these gaps. What steps can the private air charter operator take to minimize risk as well as make their air charter operation a less viable target? One solution is to participate in a voluntary ASO (Armed Security Program), or to seek outside expertise in developing protocols that mirror FFDO (Federal Flight Deck Officer Program) to work cohesively in the spirit of maintaining flight deck integrity.
Know Thy Owner and Passengers
How well do you know ownership and the passengers that fly on the aircraft that you are charged with maintaining and operating? Is the passenger manifest a revolving door? What ID protocols are in place, if any? Ask questions. Often ownership is relying on you as their expert and may not be aware of threats that can be minimized or eliminated via crew training and security protocols.
We also would recommend a very careful evaluation of what other parties may be utilizing the aircraft with the blessing of ownership. Regulatory concerns relative to legality of such operations aside, your flight department needs to understand who is utilizing the aircraft and why. A donated aircraft charter for a large group can pose unintended exposure unless the operation is thoroughly vetted, regardless of the good intentions behind donating the aircraft for a private air charter.
Third-Party Security Services
Again, we would recommend investing in third-party security services to accompany passengers, especially on Boeing Business Jets and Airbus Commercial Jets given their size in situations where any of the passengers are not well-known to your organization. Security is reactive in nature. Too often we do not see the need for it until after a crime or threat occurs. Proactive measures are used scarcely, if at all. It is unknown how many bank robberies are thwarted by placing an armed guard at the front door, and yet it provides piece of mind and is considered money well spent. The same can be said for security on the flight decks of general aviation where appropriate.
Staff Training
Staff training includes both aircrew as well as ground support staff. Outside security professionals can help you to vet hires more effectively, as well as build a more security conscious organization via better security awareness. Self-defense, threat-neutralization, disarming techniques, and security training can also be invaluable. Particularly on an aircraft, appropriate training can disable an assailant (armed or unarmed) quickly and effectively. “Soft” techniques can also be effective in subduing a person that is impaired or otherwise a danger to themselves or others. Security is a mindset that is part and parcel of commercial air charter operations. That same mindset can be deployed in a general aviation setting with the proper staff training and ongoing support.
Ground Security
Controlling access to the aircraft on the ground, including what goes into the aircraft (both passengers and cargo) can go a long way in making your operation safer. This includes not only a security mindset of staff, but also an audit of the physical assets on the ground such as lighting, fencing, gate or door access, and potential weaknesses that may invite unauthorized access. Catering companies are a good example whereby the flight department is far removed from the employee vetting process (assuming there is one), yet these same persons often have unfettered access to aircraft. All threats to large aircraft charters, business jet charters and any other forms of private jet travel initially begin on the ground.
“Just because it hasn’t happened, doesn’t mean it can’t happen”
Relying on the past as prologue is not a security strategy. A proactive flight department will think defensively and will honestly assess how they can improve security for both passengers and aircrew. The first line of defense is understanding that you need a line of defense in the first place. The “not us” approach leaves an operation open to complacency and potential threats.
Authors:
Scott Bickford CEO & Cofounder, Air Planning, LLC BS Aviation Management & Air Traffic Control AS Airways Science Private Pilot Israeli Defensive Tactics Krav Maga Worldwide (10 yrs.)
Robert Smith Certified ASO (19 yrs.) NJSP Trooper (20 yrs.) DASSP Federal Regulation Casino Security Manager Global Security Company Manager Private Investigator High School Security Team
References
National Business Aircraft Association. (2018). TSA Withdraws Large Aircraft Security Rule Proposal. National Business Aircraft Association. Transportation Security Administration. (2008). TSA Proposes Large Aircraft Security Program. Washington, D.C.: Department of Homeland Security.