Taking Stock of the ‘Insider Threat’

New Delhi, August 18, 2018: The rogue flight of a Horizon AirQ400 twin-engine turboprop Aug. 10 reminded the aviation community of the Germanwings suicide flight in 2015 and underscored an intractable problem airlines face—the insider threat. The incident raised the prospect that new approaches and regulations will be developed to manage access to the flight deck.

“It will never be entirely solved by airlines, simply because there are gaps in our system that have to exist,” says Jeffrey Price, an aviation security specialist and the owner of Leading Edge Strategies, an airport management training company. “There are always going to be those exploitable gaps. You do what you can to close them, but there is only so far you can go.”

Richard Russell, the Horizon Air ground service agent who towed the Bombardier Q400f rom a maintenance position at Seattle-Tacoma (Sea-Tac) International Airport, rotated it 180 deg. toward the runway, then flew it haphazardly for more than an hour, had worked for the regional carrier for 3.5 years. He apparently did not have a pilot’s license.

The sole occupant, Russell was killed when the 76-seat aircraft crashed on sparsely populated Ketron Island in the Puget Sound, southwest of Tacoma, Washington. The flight data recorder and parts of the cockpit voice recorder recovered at the scene were turned over to the NTSB for processing at its recorders laboratory in Washington, D.C. The FBI is leading the federal investigation, as the crash involved criminal activity.

Within days, another incident punctuated the problem of rogue aircraft. On Aug. 13, a corporate pilot intentionally flew a Cessna 525 CitationJet into his home in Payson, Utah, hours after being arrested for domestic assault. The man, the only person killed, was a former Pinnacle Airlines pilot, according to media reports.

At an Aug. 11 press conference at Sea-Tac Airport, executives with Horizon Air, parent organization Alaska Air Group and the airport said Russell had passed a Transportation Security Administration (TSA) background check valid for 10 years, possessed the standard Secure Identification Display Area (SIDA) badge from the airport, and was allowed to be in the vicinity where the Q400 was parked.

Horizon Air says its ground service agents direct aircraft for takeoff and gate approach, deice aircraft before pushback, clean aircraft, and load and unload cargo and luggage. Russell also was qualified to tow aircraft. The carrier directly employs the ramp workers, but adds that “in some stations, we do utilize third-party vendors.” The ground service agents are not part of a union, Horizon says.

“He was background-checked. There [are] a couple of different background checks we run on our employees,” said Alaska Air Group CEO Brad Tilden. “He had a SIDA badge with the Port of Seattle. He worked his shift yesterday. We believe he was in uniform. His job is to be around airplanes. He is meant to be on the secure side [of the airport]; that is part of the fulfillment of his job responsibilities.”

Russell was “fully credentialed and had access to that area. No security violations were committed,” said Mike Ehl, Sea-Tac director of aviation operations.

Separately, on Aug. 13, Port of Seattle Commission President Courtney Gregoire said the airport started physically screening employees 18 months before the Q400 incident. “To make sure we were thinking about all human factors in the operation of this airport, we added employee security screening—physical screening like you experience when you travel through this airport. We are one of the only airports in the country to do that, and we took that voluntary leap,” she said according to aviationweek.com.

While the incident was an “aberration,” it points to a need to improve security protocols, Gregoire said. The authority was discussing possible steps with the industry groups Airports Council International-North America and the American Association of Airport Executives as well as airlines and federal agencies. “We expect a national-level conversation; we expect the federal government may have some ideas about regulation,” she added.

Price argues the airport’s security system is not at fault in this case. Airports are responsible for access to the ramp; airlines are responsible for access to the aircraft, he says. The traditional aviation security mindset may call for more screening and surveillance to solve the problem of an unauthorized employee commandeering an aircraft. And fixes such as requiring codes through software to start an aircraft or using throttle locks are other possibilities. But he believes employee wellness programs that can ferret out a potential crisis offer the most promise.

Sea-Tac’s 100% employee screening policy is an example of gradual advances in security protocol targeting insider threats. Mandatory background checks for workers with unescorted access to secure areas of U.S. airports were put in place in 1985. After 9/11, under the newly- ormed TSA, the requirements were expanded, and each commercial airport was required to create a security plan, including employee and worker-screening protocols, that all tenants must follow.

Most insider-threat mitigation has focused on potential criminals and terrorists—more strict background checks or physical screening aimed at stopping weapons or contraband from getting on aircraft. Up until the Germanwings crash, there was little focus on mental health aspects that could turn an airline employee into a security risk.

A 2015 working group led by the FAA in response to the Germanwings incident studied pilot mental fitness. While its focus was on flight crews, which must meet certain mental-fitness standards in FAA regulations, the group’s conclusions underscore the difficulties organizations have in determining how best to approach employee mental wellness.

The group “found no convincing data to conclude that adding psychological testing to the hiring process or to the routine medical examinations” would help an airline assess a pilot’s mental fitness, it wrote in its final report.

According to aviationweek.com another consideration: Requiring medical professionals to report issues with patients that could affect public safety. Besides navigating a patchwork of rules in place in states and with different licensing boards, mandatory reporting could discourage patients from seeking the help they need.

The board’s conclusion: Establishing voluntary programs where pilots can disclose issues and seek confidential treatment offers the most potential for success. Operators that have “benchmark” programs should share best practices—much like they do with safety issues—and employees must be continually reassured that their disclosures will not automatically jeopardize their jobs.

Price agrees. “First, it is having those programs, and then taking them seriously without threatening the person’s job simply because they come in and say, ‘look, I’m having a hard time.’ A lot of people will not do that because they don’t want to lose their jobs. And a lot of people will not do that because if they are wrong, they might have just caused somebody else to get fired,” he says.

A more practical solution would be to train managers and supervisors “to not just identify the typical suspicious behaviors, [but] to identify some of those other subtle clues that there might be some mental issues going on and the person already needs help,” Price says.

Leave a Reply

Your email address will not be published. Required fields are marked *