While intruders routinely breach the security fences protecting runways and planes at U.S. airports, the federal Transportation Security Administration is not keeping up with the threat or doing enough to help airports identify their vulnerabilities, according to a government report released Tuesday.
Congress asked the U.S. Government Accountability Office to investigate how often people get past airport perimeter security, and whether the TSA could do more to help airports anticipate and prevent incidents.
Using TSA data, the accountability office identified over 2,500 security incidents in each of the past three years at the nation's roughly 440 commercial airports. Those incidents ranged from people jumping fences to reach jets and passenger terminals to workers who forgot their security badges piggy-backing with a colleague through checkpoints.
The report notes that the nation's medium and small airports, which typically have less money to invest in perimeter security, have plenty of incidents — but do not undergo the "joint vulnerability assessments" that large airports receive every three years from the TSA and FBI.
The findings come several days after The Associated Press updated its ongoing investigation of perimeter security breaches at 31 of the nation's busiest airports. AP reported that the breaches happened more often than authorities first acknowledged, and remained as frequent as ever in the past year despite investments to fortify outer defenses at some airports.
Airports responded that no incident involved a known terrorist plot, and many intruders do not make it deep into airfields. Several airports also tried to suppress the release of information about breaches.
AP's investigation identified 345 perimeter security breaches from the start of 2004 through mid-February at those 31 airports, with an average of one every 10 days starting in 2012. The new federal report focused on October 2008 through October 2015. Due to changes with TSA's data-keeping, the accountability office did not give specific numbers — but a chart summarizing security incidents showed they have ranged between about 2,200 and about 2,800 annually, with the past three federal fiscal years being higher than the previous four.
Those incidents did not involve security inside passenger terminals — they happened at the fence line or access points where workers enter nonpublic areas. Airports, not the federal government, are directly responsible for security outside terminals.
The report's authors were not confident in drawing conclusions about trends in the nature or severity of the incidents because of how TSA keeps its data. Airports are supposed to report any security incident to the TSA, and say they do — but the database where the TSA logs incidents is not set up for analysis.
That means the TSA, despite having plenty of data, cannot pinpoint the biggest vulnerabilities.
TSA cannot say, for example, whether high-profile breaches at larger airports — such as a teenager who jumped a fence at the airport in San Jose, California, in 2014 and stowed away in the wheel well of a Hawaii-bound plane — might be a bigger security threat than breaches at regional airports.
That makes no sense to Rep. William Keating, D-Mass., one of the lawmakers who requested the study. To Keating, if TSA cannot spot trends and vulnerabilities, how can policy makers know how to allocate resources and change policies in the most effective ways.
"That information should all be system wide and available," he said. "But it's not there. And if it is there, it's not in a form that's useful to me as a congressman or to any official dealing with this."
The TSA said it was addressing the report's data analysis recommendation, as well as five others the authors made. They include updating TSA's 2013 assessment of risks at airports to account for emerging concerns such as the potential threat posed by "insiders" — employees who have access to secure areas of airports and allegedly have used that clearance to smuggle guns and drugs.
"The agency continues to partner with its stakeholders to mitigate risks by identifying enhanced methods of increasing security across all federalized airports in the country," TSA spokeswoman Lucy P. Martinez said in a written statement.
The report also said that the TSA has made some progress in doing joint vulnerability assessments. In 2009, the accountability office said that during fiscal years 2004-2008, the TSA did assessments at 57 airports — compared with 81 airports from fiscal years 2009-2015.
During those recent years, smaller airports had more than 1,600 security incidents, according to TSA data.