TSA plays down GAO success at evading airport security

Transportation Security Administrator Kip Hawley Thursday played down a new report that undercover GAO investigators had smuggled bomb components past TSA screeners at 19 airports this year, calling the checkpoints one part of a multi-tiered risk management system.

On the eve of the busy holiday season, "the American public can be confident traveling," Hawley said at a House Oversight and Government Reform Committee hearing.

Using cheap components and public information on security weaknesses, GAO agents passed a detonator and materials for two types of liquid-based bombs past TSA checkpoints without being challenged, even though TSA screeners generally followed correct procedures. While details of methods used by both GAO and TSA were not released, the results show that recent TSA restrictions on carrying liquid and gels regularly fail. The restrictions were imposed after an apparent British-based plot to bomb trans-Atlantic flights.

The GAO report drew denunciations from committee Democrats and Republicans, with many members chiding TSA for failing to make improvements after similar GAO tests succeeded at 21 airports last year. TSA "has had six years and spent billions of taxpayer dollars, yet our airlines remain vulnerable," said Oversight and Government Reform Chairman Henry Waxman, D-Calif., who added, "That's an embarrassing and dangerous record."

But Hawley suggested the committee has unrealistic expectations. TSA seeks to reduce, not eliminate, the chances of a catastrophic attack, he said. "You can never get to zero," Hawley told CongressDaily. He said in testimony, "What we're engaged in is risk management, [which] looks at the capacity of getting an airplane down."

Hawley emphasized that TSA has a 19-layer system designed to stop terrorists before and after they pass through security. He noted that GAO did not smuggle assembled bombs onto the planes and said the devices were less powerful than those TSA focuses resources on detecting. "We know what terrorists work on," Hawley said. "We know their capabilities.... We look at what can do actual serious damage, not just damage a plane. I mean, my pen could do serious damage." He later added: "Yes, there are vulnerabilities. But we can't ... say, 'Oh, my goodness, they brought some firecrackers through.' "

GAO officials testified that while the smuggled devices, once assembled, would damage a plane, it was unclear if they would down it. Citing security concerns, Hawley and GAO officials declined to discuss details of the security process, including what rate of success in detecting liquid bomb components TSA considers acceptable. John Cooney, GAO assistant director for forensic audits and special investigations, acknowledged that the system cannot be fail-proof.

"If you have a terrorist ... with no regard for the life of anybody else, he could do damage," Cooney said.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by Brocade

    Best of 2016 Federal Forum eBook

    Earlier this summer, Federal and tech industry leaders convened to talk security, machine learning, network modernization, DevOps, and much more at the 2016 Federal Forum. This eBook includes a useful summary highlighting the best content shared at the 2016 Federal Forum to help agencies modernize their network infrastructure.

  • Sponsored by CDW-G

    GBC Flash Poll Series: Merger & Acquisitions

    Download this GBC Flash Poll to learn more about federal perspectives on the impact of industry consolidation.

  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

  • Sponsored by Aquilent

    A DevOps Roadmap for the Federal Government

    This GBC Report discusses how DevOps is steadily gaining traction among some of government's leading IT developers and agencies.

  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.

  • Sponsored by CDW-G

    Joint Enterprise Licensing Agreements

    Read this eBook to learn how defense agencies can achieve savings and efficiencies with an Enterprise Software Agreement.

  • Sponsored by Cloudera

    Government Forum Content Library

    Get all the essential resources needed for effective technology strategies in the federal landscape.


When you download a report, your information may be shared with the underwriters of that document.