IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled

02 June 2004

OECD Urges Integrated Approach to Container Security

Major risks in inland transportation not addressed, report says

Governments, transport authorities, and shipping and other industries must work together within an integrated framework to reduce the risk of freight containers being used in terrorist attacks, says a report from a research group for the largest developed countries.

In the report on global container security, the Organization for Economic Cooperation and Development (OECD) says that addressing the security of containers requires a comprehensive intermodal framework integrating measures across the entire container transportation chain.

Although elements of such a framework are emerging in different countries, regions and segments of global industries, a fully integrated approach has not been implemented anywhere in the world yet, the OECD says.

The report points to container security during transportation inland as the weakest link in the transportation chain, according to a May 27 news release.

The OECD recommends establishing clear container handling rules; increasing security at rail yards, road stops and loading facilities; sealing containers with a high-security mechanical seals; and other measures to minimize security risks.

Following are the texts of the news release and the report's executive summary:

(begin text)

Organisation for Economic Co-operation and Development

Building Partnerships for Progress

OECD and ECMT Ministers Urge Tighter Security to Beat Freight Container Terrorism Risk

27/05/2004 -- Governments and transport authorities must act to tighten security of the freight container industry in order to reduce the risk of possible terrorist attacks, a new OECD/ECMT report recommends.

The container industry is vital to the world's economy, according to Container Transport Security across Modes, a report by the OECD's Maritime Transport Committee and the European Conference of Ministers of Transport (ECMT). More than 80 percent of goods traded world wide are transported by sea, much of them in containers involving thousands of container vessels and more than 250 million container movements every year.

The vulnerability of cargo containers has been a focus of international policy since the attacks of September 11th 2001. But though security on ships and at ports has been strengthened in recent years, little has been done to address inland security risks relating to cargo containers.

The report notes that security measures should not unduly slow down or block the flow of goods nationally and internationally. In fact, countries have many options that can increase security and actually facilitate the free flow of trade. Better coordination between transport authorities, customs officials and police forces can help. The report also advises governments to work closely with transport authorities when designing and implementing security measures.

The report outlines two scenarios in which the container industry could be vulnerable to terrorist attack: a "hijack" scenario in which terrorists intercept a legitimate consignment and tamper with it; and a "Trojan horse" scenario in which terrorists develop legitimate trading identities to then ship dangerous consignments. To minimise risks, the report specifically recommends improvements in relation to:

-- Shipper responsibility -- Shippers and/or other parties packing a container are the most important link in the container security chain. They should help to establish, and follow, clear container "stuffing" and sealing protocols and initiate the start of a clearly auditable trail for all containers.
-- Container security -- Containers should be sealed with, at a minimum, a high-security mechanical seal. The report advises against mandating the use of "smart" electronic locks at this time as the technology is not yet standardised and deployed internationally.
-- Inland security -- Containers are most at risk while being transported inland, especially when parked in rail yards, road stops and loading facilities. Security in these areas needs to be increased, ID checks for transport workers introduced and the time containers spend at loading terminals reduced.
-- International rules and recommendations -- Inland transport and maritime authorities should make more effort to comply with existing recommendations and international rules. Specifically, the report urges implementation of the recommendations of the ECMT Ministerial Declaration on Combating Terrorism in Transport, the 2001 Ministerial Conclusions on Combating Crime, and the ECMT Resolution No97/2 on Crime in International Transport. It also calls on countries to comply with the amended SOLAS [Safety of Life at Sea] Convention and the ISPS [International Ship and Port Facility Security] code that govern security measures for international ocean-going vessels.

The Executive Summary and Conclusions and Recommendations of the report are available at http://www.oecd.org/transport.

(end text)

(begin text)



Transport Authorities face a number of crime and security challenges relating to the systems under their jurisdiction. These persistent challenges include theft of goods and vehicles, attacks on truck drivers, illegal immigration, transport of dangerous goods and drug and contraband smuggling. In addition to these crime-related challenges, Authorities must remain vigilant to possible terrorist use or targeting of transport vehicles and infrastructure. Among these multiple threats, however, one in particular has consistently been cited for being extremely important and requiring a co-ordinated international response --- this threat is the possible misuse by terrorists of the maritime shipping container transport system. The ubiquity of these containers was, and is still, seen as the system's principal strength and sign of success. However, after the September 11th attacks on the United States, many countries realized that they had relatively little control over possible misuse of the system by terrorists.

In particular, the threat of a Chemical, Biological, Radiological or Nuclear Weapon (CBRN) being delivered via an anonymous shipping container has risen above other terrorist-linked threats to containerised transport and has become a principal driver of international transport security policy since 2001. This has a direct impact on transport authorities as they are charged with ensuring the efficient flow of goods while at the same time ensuring that the parts of the container transport chain under their jurisdiction are as secure as possible.

Transport Authorities Must Address Weak Links of the Container Transport Chain

One of the greatest difficulties in addressing the security of the container transport chain is that there is no single system governing the international movement of containers, in fact the opposite is true --- container transport is characterised by complex interactions among multiple actors, industries, regulatory agencies, modes, operating systems, liability regimes, legal frameworks, etc. Many of the security concerns in the container transport chain are related to inland carriers and freight integrators operating in the first few and last few links of the chain. These actors are numerous, disparate in nature and activity, operate on tight margins, and, as a result, represent more of a security risk than their larger counterparts further down the chain (i.e., large land, port and maritime transport operators). It is on these larger actors and their activities that most international and bilateral security initiatives have been focused to date.

Addressing the security of the container transport chain requires a comprehensive intermodal framework integrating measures across the entire container transport chain. Whereas such a framework may exist at the centre of the chain covering ports and maritime transport, as codified in SOLAS and the International Ship and Port Facility Security Code (ISPS), there is not yet an analogous framework for inland transport on the outer edges of the chain. Furthermore, while elements of this framework are emerging through the C-TPAT [Customs-Trade Partnership Against Terrorism] (for US trade), the BASC [Business Anti-Smuggling Coalition] (for certain large shippers), the UN-ECE [United Nations Economic Commission for Europe] (under development for freight forwarders and shippers), the WCO [World Customs Organization] (in their "cradle-to-grave" container stuffing and seal management guidelines) and in the proposed EU [European Union] Freight Security Directive, none of these address the container transport chain in its entirety.

More Specific Threat Assessments Involving Transport Authorities Needed

The spectre of containers being used to deliver chemical, biological, radiological and/or nuclear weapons has motivated international action to bolster the security of the container transport chain. However, very real questions remain as to terrorists' readiness, motivation and/or capability to use a container as a delivery platform for a CBRN [chemical, biological, radiological and nuclear] weapon. These questions should not preclude action to bolster container security -- especially insofar as containers can be misused by terrorists for other purposes -- but they should, at a minimum, be addressed more thoroughly through national/international assessments of specific risks posed by terrorists to the container transport chain.

In their role as facilitator and supporter of efficient transport solutions for trade, transport authorities need to be involved in this process. Differentiating the threat is important to Transport authorities because ill-adapted security measures can slow down or block the flow of goods nationally and internationally, while, on the other hand, well designed measures can actually facilitate trade.

Security Measures must be Adapted to the Threat

Specific security measures must be adapted to specific terrorist modus operandi. Terrorists targeting the container transport chain will likely use one of two approaches: i) they will intercept a legitimate consignment and tamper with it ("hijack" scenario) or ii) will usurp and/or develop a legitimate trading identity to ship an illegitimate and dangerous consignment (the "Trojan horse" scenario). Generally, the measures used to mitigate the threat of these scenarios fall into five groups: container scanning, ensuring the integrity of the container itself, controlling access to the container, tracking containers, and assessing container risk via the analysis of trade-related data. Not all of these measures are equally suited to counteract both the "hijacked container" and "Trojan horse" threats as described above: what works for one scenario will not necessarily work for the other.

Policy Levers at the Disposal of Transport Authorities

Transport authorities can play an important role in countering the "hijacked container" scenario by enhancing security at all points along the chain. This involves ensuring that transport operators take into account security measures relating to container integrity and sealing, securing the access to the container and facilitating container tracking --- this is especially important for inland transport authorities who exercise oversight on the vulnerable outer links of the container transport chain. On the other hand, transport authorities have considerably less scope for action in thwarting a "Trojan horse" shipment. In the latter case, effective Customs control is of paramount importance.

In addressing the security threat to the container transport system, Transport authorities should a) establish and/or build on rules governing container handling by operators under their authority and define procedures regarding container integrity, access and tracking, b) introduce security criteria in the licensing process of vehicles, operators, personnel and facilities and monitor whether licensees continue to meet these security requirements and c) communicate to Customs information regarding operators under their jurisdiction that might be useful in the container screening process.

Guiding Principles to Secure the Container Transport Chain

Container Security is a shared responsibility among all actors; any breach in security in one link compromises the security of the entire chain. However, because they are the only main actors with "real" contact with the contents of the container, shippers and/or those stuffing the container must play a primary role in securing the container transport chain. Accordingly, shippers and/or those stuffing a container should follow established security procedures, initiate an auditable custody trail and ensure that the container is sealed with, at a minimum, a high-security mechanical seal.

Electronic-seal technologies are not currently ready for commercial deployment for international use throughout the global container-handling network --- primarily because of the multiplicity of competing and incompatible operating standards and limited operational experience. These conflicts will most likely be overcome yet, until that happens, Transport and/or Customs authorities should not mandate the use of e-seals. If such a mandate is given at a later date, a clear distinction must be made between security-relevant e-seal data (e.g. seal status and container number) and supply-chain management-relevant data (packing list, shipper, consignee identity, etc). If the former should eventually be made mandatory, the latter should not.

Vulnerabilities in the container environment are highest in rail yards, road stops and parking and shipping/loading terminal facilities. Thus, insofar as these nodes are concerned, every effort should be made to physically secure the premises and to minimise the risks of unauthorised access. Thus, transport operators should screen employees according to security criteria. They should also check worker identification with other operators and develop protocols regarding access to containers by high security-risk workers in accordance with national laws.

The focus of container tracking should not be "real-time" but rather "right-time" tracking --- that is, ensuring that those who need to find out where a container is can do so when they need to know. In this context, most existing operator-specific tracking systems are sufficient for this purpose. Transport authorities should ensure that appropriate government agencies have access to this data as needed. In those cases where "real-time" tracking is the right solution, these systems should not be deployed without the back-up of a more "traditional" chokepoint control tracking system.

Screening and scanning of containers, while complimentary, are not the same. 100 percent container screening is possible, should an administration choose to do so -- 100 percent scanning, on the other hand, is not practical with current technologies. Insofar as container screening is concerned, Transport authorities should assist Customs in by ensuring that "proprietary" information (e.g. regarding transport operators, licensees, etc.) is made available to Customs for their container risk assessment. Transport authorities should also support the concept of advanced information submission to Customs and use of the Unique Consignment Reference number among transport operators to further facilitate container screening.

Specific Recommendations to Inland Transport and Maritime Authorities

Transport and Maritime Authorities should implement agreed international rules and recommendations. These include the ECMT Ministerial Declaration on Combating Terrorism in Transport, the 2001 Ministerial Conclusions on Combating Crime and the ECMT Resolution No. 97/2 on Crime in International Transport. Likewise, countries should comply with the amended SOLAS Convention and the ISPS code that govern security measures for international ocean-going vessels and ports by the July 1, 2004 deadline. Finally, Authorities should seek to go beyond these international agreements to ensure that those parts of the container transport chain not currently secured are included in a comprehensive security framework that embodies the guiding principles outlined above.

(end text)