Facility Security, Grounds Security, Policies and Training

Theft of Aircraft Prompts Authorities to Review Security Procedures Regarding Insider Threats

On Friday, August 10, 2018, a 29-year-old Horizon Air ground crew employee was (sadly) able to highlight the immediate, seemingly unpredictable impact posed by insider threats. The worker, Richard Russell, was able to use his access to the cargo area and tarmac to steal the aircraft. Using a pushback tug designed to move planes on the ground, Russell was able to use the tug to position the Q400 turboprop plane, allowing him to easily taxi the aircraft to the runway.

Airplane at terminal gate in international airport

BrianAJackson / iStock / Getty Images Plus / Getty Images

Although no one was injured by Russell’s actions, there were a few close calls: He cut off a Delta jet that was taxiing to the runway, and he crashed the plane approximately 200 yards from an occupied cabin on Ketron Island.

According to reporting and a public statement from Brad Tilden, the Alaska Air CEO (Horizon is owned by Alaska Air), Russell had all the required clearances to access the secured area from where he stole the plane. In fact, it appears that he had worked his entire shift that day before he took the stolen plane on a 75-minute flight. His position on the grounds crew required a security clearance check that included a criminal background review stretching back 10 years before hiring. The background check would’ve been reconducted every 2 years. This means Russell, who was employed by Horizon for over 3 years, would’ve had to pass the screening twice.

In addition, Seattle-Tacoma (Sea-Tac) airport has extensive security measures, including thousands of cameras capturing secure areas from almost every angle and feeding video back to a central, monitored control room. Sea-Tac also employs a thorough screening for workers with secure access. While workers are required to use a combination of access cards and biometric scans to enter their work space, they must also go through screening like that of passengers moving through a Transportation Security Administration (TSA) screening. They are searched for weapons, explosives, and other contraband that poses a threat to passengers, employees, and infrastructure at the airport.

Even with the extensive (and expensive) security measures, no one saw this threat coming or even any red flags that would indicate Russell was capable of such an action.

The incident forces security professionals to ask the tough question: How could this have happened?

Ongoing Investigations and Immediate Responses

As one might expect, the security response to the situation was almost immediate. While no one was able to recognize what resembled the actions of a grounds crew member doing their job, that changed once the plane was in motion heading toward the runway. A recording of a conversation between an air traffic control operator and the pilot of the Delta flight Russell cut off suggests that the control tower had called North American Aerospace Defense Command (NORAD) and that F-15 jets were scrambled before the Q400 turboprop leaving the ground.

By the morning after the crash, the Federal Bureau of Investigations (FBI) and the National Transportation Safety Board (NTSB) had started investigating the incident. However, those inquests might take weeks as agency officers interview friends, family, and coworkers; comb through the wreckage and recover flight data; and write up reports.

Speaking to the Associated Press, Greg Winn, a former secret service agent and a professor in the University of Southern California’s aviation security program, notes that “this is too big a deal. It’s not going to go away. There’s going to be a lot of discussion, a lot of meetings, a lot of finger-pointing, and it’s going to come down to: How do we stop it?”

Port of Seattle Commissioner Courtney Gregoire doesn’t seem interested in waiting for recommendations that come from those discussions, though. In a press conference, she noted that Sea-Tac officials had already reached out to “other airports and airlines to begin to assess procedures.” Additionally, Sea-Tac has added security to the cargo area that the plane was taken from. Gregoire stated that “we’re not waiting. We expect a national-level conversation. We expect the federal government may have some ideas about regulation.”

Since the crash, there have been several security experts who suggested additional security measures that could help prevent an incident like this in the future, including:

  • Additional vetting of new hires;
  • Expanded monitoring of employees with access to secure areas;
  • Monitor parked aircraft more carefully via closed-circuit television;
  • Increase the number of security patrols where planes are parked;
  • Require a passcode (digital or electronic) before starting a plane’s engines;
  • Installing locks to prevent access to a plane’s throttle; and/or
  • Requiring grounds crew to work in pairs.

Ongoing concern among security experts stems from the potential for this incident to serve as a blueprint for potential copycats or terrorist organizations. However, others such as John Cox, an aviation security expert from Safety Operating Systems in Washington, D.C., believe that there shouldn’t be a “rush to adopt additional measures that might bog down airlines or otherwise be counterproductive.” Cox suggests that these types of attacks are so rare due to their degree of difficulty.