TSA plays down GAO success at evading airport security

Transportation Security Administrator Kip Hawley Thursday played down a new report that undercover GAO investigators had smuggled bomb components past TSA screeners at 19 airports this year, calling the checkpoints one part of a multi-tiered risk management system.

On the eve of the busy holiday season, "the American public can be confident traveling," Hawley said at a House Oversight and Government Reform Committee hearing.

Using cheap components and public information on security weaknesses, GAO agents passed a detonator and materials for two types of liquid-based bombs past TSA checkpoints without being challenged, even though TSA screeners generally followed correct procedures. While details of methods used by both GAO and TSA were not released, the results show that recent TSA restrictions on carrying liquid and gels regularly fail. The restrictions were imposed after an apparent British-based plot to bomb trans-Atlantic flights.

The GAO report drew denunciations from committee Democrats and Republicans, with many members chiding TSA for failing to make improvements after similar GAO tests succeeded at 21 airports last year. TSA "has had six years and spent billions of taxpayer dollars, yet our airlines remain vulnerable," said Oversight and Government Reform Chairman Henry Waxman, D-Calif., who added, "That's an embarrassing and dangerous record."

But Hawley suggested the committee has unrealistic expectations. TSA seeks to reduce, not eliminate, the chances of a catastrophic attack, he said. "You can never get to zero," Hawley told CongressDaily. He said in testimony, "What we're engaged in is risk management, [which] looks at the capacity of getting an airplane down."

Hawley emphasized that TSA has a 19-layer system designed to stop terrorists before and after they pass through security. He noted that GAO did not smuggle assembled bombs onto the planes and said the devices were less powerful than those TSA focuses resources on detecting. "We know what terrorists work on," Hawley said. "We know their capabilities.... We look at what can do actual serious damage, not just damage a plane. I mean, my pen could do serious damage." He later added: "Yes, there are vulnerabilities. But we can't ... say, 'Oh, my goodness, they brought some firecrackers through.' "

GAO officials testified that while the smuggled devices, once assembled, would damage a plane, it was unclear if they would down it. Citing security concerns, Hawley and GAO officials declined to discuss details of the security process, including what rate of success in detecting liquid bomb components TSA considers acceptable. John Cooney, GAO assistant director for forensic audits and special investigations, acknowledged that the system cannot be fail-proof.

"If you have a terrorist ... with no regard for the life of anybody else, he could do damage," Cooney said.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.