DHS lessons learned from Mumbai attacks

DHS Under Secretary Charles Allen (DHS Office of Intelligence and Analysis) testified last week before the Senate Committee on Homeland Security and Governmental Affairs, discussing both the lessons DHS learned from the November terrorist attacks in Mumbai, and the information sharing efforts of DHS with regard to the attacks.

Although committee testimony can sometimes be a bit dry, Allen’s testimony is relatively short and offers some insight into DHS policy direction, so you may want to read it.  Here are some highlights:

Prevention and Deterrence:

  • Previously disrupted plots (and previously identified targets) may resurface.
    • Reducing security protection leaves attackers an opening, no matter how much time has passed since the intial threat.
  • A determined and innovative adversary will make great efforts to find security vulnerabilities and exploit them.
    • Think like attackers to identify our weak points before they exploit them.
  • Security must be unpredictable for the adversary, but predictably responsive to those it is meant to protect.
  • Target knowledge was paramount to the effectiveness of the attack.
    • DHS is working on programs to help detect pre-attack surveillance.
  • “Low tech” attacks can achieve terrorist strategic goals-and can be dramatically enhanced by technology enablers.
    • Note: The attackers may have used wireless devices from hostages to monitor and interfere with the response against them.

Response and Recovery

  • Response to a similar terrorist attack in a major U.S. urban city would be complicated and difficult.
  • A unified command system is of paramount importance if governments are to respond to terrorist attacks quickly and effectively.
  • Public-private interactions are crucial and must be developed before an incident occurs.
  • Threat Information must be quickly and accurately conveyed to the public.
    • But he stressed DHS has procedures and practices to balance this with the need to ensure attackers can’t use the information to further their attack goals.
  • Training exercises that integrate lessons learned are critical.
    • Future national exercises will include Mumbai-style attacks.
  • We must protect the attack sites to collect intelligence and evidence to identify the perpetrators.
    • Proper evidence collection must be incorporated into training, planning, and response.

Note: Several reports were cited in the testimony, almost all marked For Official Use Only (FOUO), so they’re not available to link to.  If you would like access to any of these reports, I suggest you either contact your local fusion center or information sharing center, or contact I&A directly (they may point you to a regional organization that can properly vet you as having legitimate need to see the document).

Final Note: Controlling Wireless Information

Use of wireless devices by attackers is already being targeted from a technology standpoint (The NYPD expressed interest in jamming or intercepting wireless signals at the same hearings).  I expect this to become a hot topic, and I expect it to be addressed from an infrastructure & policy standpoint as well (giving responders some measure of control of private wireless infrastructure during an attack).  A combination of both would be necessary to deny attackers information they could use without interfering with the wireless information responders need, so watch for some policy debate on this issue.

Advertisements

MI: DHS and Michigan reach agreement on enhanced driver’s license

From HS Daily Wire:

DHS has reached an agreement with the state of Michigan to enhance the security features of the state’s driver’s license, which may serve in the future as an acceptable alternative document for crossing the United States’ land and sea borders.

The Michigan agreement, similar to those reached with Washington, Vermont, Arizona, and New York last year, seeks to create an enhanced driver’s license — which denotes both identity and citizenship — as a compliance option to fulfill Western Hemisphere Travel Initiative (WHTI) requirements. WHTI requires all citizens of the United States, Canada, Mexico, and Bermuda to have a passport or other accepted document that establishes the bearer’s identity and nationality to enter or depart the United States from within the Western Hemisphere. Beginning 1 June 2009 only WHTI-compliant documents will be accepted at U.S. land and sea ports of entry.

NY: NY City receives $29 million to combat radiological & nuclear attacks

New York: DHS said it would award New York City approximately $29 million in grants through the Securing the Cities (STC) initiative to prevent a radiological or nuclear attack on the metropolitan area by enhancing regional capabilities to detect and interdict illicit radioactive materials.