Dec. 9, 2009 -- While insisting the security of the public was never placed at risk, Department of Homeland Security Secretary Janet Napolitano said Wednesday that her department is conducting a review to determine how the Transportation Security Administration's (TSA) air passenger screening manual ended up online.
Napolitano also confirmed that a private contractor had posted the manual online. The most sensitive parts of the Standard Operating Procedures manual were redacted in a way that computer-savvy individuals easily overcame, revealing sample CIA, Congressional and law enforcement credentials, and that only 20 percent of checked bags at airports are to be hand searched for explosives.
In a brief exchange during an oversight hearing of the Senate Judiciary Committee, Committee Chairman Sen. Patrick Leahy, (D-Vt.), asked Napolitano who should be held accountable for the security breach.
Napolitano responded that although the document posted was out of date, "The posting of it did not meet our own standards of what should be available on the net."
"We have already initiated personnel actions against the individuals involved," said Napolitano. She said DHS is already doing a department-wide internal review, and she has asked DHS Inspector General Richard Skinner to conduct his own independent review of the security breach.
When Leahy asked if the individual involved was a contractor, Napolitano said yes, but also noted that "some of the supervisors ultimately were at TSA."
The Standard Operating Procedures manual that the TSA inadvertently posted contained some of the most closely guarded secrets regarding special rules for diplomats and CIA and law enforcement officers. The 93-page document shows sample CIA, Congressional and law enforcement credentials which experts say would make it easy for terrorists to duplicate.
The improperly redacted areas indicate that only 20 percent of checked bags are to be hand searched for explosives and reveal in detail the limitations of x-ray screening machines.
TSA Screeners Told To Target Residents From Certain Countries
The redacted portions also indicate which law enforcement personnel are specially screened or exempt from some screening procedures, and indicate what requirements they must meet to be eligible for special screening.
TSA screeners are also told to require extra screening for any passenger whose passport was issued by Cuba, Iran, North Korea, Libya, Syria, Sudan, Afghanistan, Lebanon, Somalia, Iraq, Yemen or Algeria.
The document also reveals that during peak travel times, TSA screeners who check identification can reduce from 100 percent to 25 percent the times they use black lights to authenticate documents.
But officials say the most damaging information in the unredacted manual is what size electrical wire can go undetected by airport screening machines -- valuable information for a bomb maker.
"This is an appalling and astounding breach of security that terrorists could easily exploit," said Clark Kent Ervin, the former inspector general at the Department of Homeland Security. "The TSA should immediately convene an internal investigation and discipline those responsible."
"This shocking breach undercuts the public's confidence in the security procedures at our airports," said Senator Susan Collins, R-Me., ranking Republican member of the Senate Homeland Security and Governmental Affairs Committee. "On the day before the Senate Homeland Security Committee's hearing on terrorist travel, it is alarming to learn that the TSA inadvertently posted its own security manual on the Internet."
"This manual provides a road map to those who would do us harm," said Collins. "The detailed information could help terrorists evade airport security measures." Collins said she intended to ask the Department of Homeland Security how the breach happened, and "how it will remedy the damage that has already been done."
TSA Document Leaked Online
A TSA spokesperson says the document posted online is an outdated version "improperly posted by the agency to the Federal Business Opportunities Web site wherein redacted material was not properly protected."
"Screening is like a big puzzle and this SOP gives you directions on putting the puzzle together," said Robert MacLean, a former Federal Air Marshal who was fired for revealing holes in TSA's security after the 9/11 attacks. MacLean added that TSA's assertion that the documents posted are old holds no merit. "How much in screening procedure changes in 17 months?" asked MacLean. "It's a one-dimensional process." Such glitches are made more likely, say critics, because there is no one at the helm of the TSA.
"One of the problems I see is we don't have anybody in charge," said Rep. Bennie Thompson (D-Miss.), Chairman of the House Homeland Security Committee. "We've been without a TSA administrator a good part of this year."
The TSA was created after the 9/11 attacks as a response to the ease with which hijackers were able to get through airport security. But it has been a troubled agency from the beginning.
"I'm afraid to say that there has been a pattern of incompetence and ineptitude on the part of the TSA over the years," said Ervin. "There have been improvements in TSA, but it appears as though these kinds of things happen again and again."
In a written statement the TSA said the inadvertently released screening manual is an outdated version of procedures from last year that has since been updated six times. Even so, the TSA has launched a full investigation. One thing officials have already learned is that if they had blacked out the sensitive parts with a magic marker, instead of a fancy computer program, there would have been no way for this breach to happen.