The Federal Bureau of Investigation's Efforts to Protect the Nation's Seaports
(Redacted and Unclassified)

Audit Report 06-26
March 2006
Office of the Inspector General


Introduction


Background

U.S. seaports import and export cargo worth hundreds of billions of dollars each year. With more than 360 ports, the nation’s port system stretches along 95,000 miles of coastline. Over 95 percent of the nation’s overseas trade flows through seaports and inland waterways, and the U.S. economy is highly dependent on an efficient transfer of goods flowing into and out of these gateways.

The U.S. seaport system is complex, with each port having its own geography, infrastructure, and mix of cargo and passengers. Ports handle various bulk cargo, oil, liquefied natural gas, and other goods; serve as passenger terminals for ferries and cruise lines; and house or are adjacent to critical infrastructures such as chemical storage facilities, oil refineries and tanks, and rail yards. Ports also host naval bases and vessels.

Because of the maritime domain’s open nature and economic and military significance, it is an attractive target for exploitation and disruption by terrorists. Seaports are susceptible to terrorists because their facilities contain critical infrastructure, are sprawling and exposed, are accessible by water and land, are often close to crowded metropolitan areas, and are interwoven with complex transportation networks.

Consequently, seaports are vulnerable to a variety of terrorist attacks. For instance, cargo containers are a potential conduit for terrorists to smuggle a weapon of mass destruction (WMD) or other dangerous materials into the country. Also, ports often contain many potential targets such as military vessels and bases, cruise ships, passenger ferries, terminals, factories, office buildings, power plants, refineries, and other critical infrastructures. In January 2004 testimony before Congress, a Federal Bureau of Investigation (FBI) Counterterrorism Division (CTD) official recognized ports’ vulnerability to cargo thefts and smugglers of drugs, aliens, and weapons. He stated that terrorist organizations have studied the practices of traditional smuggling operations and are looking to exploit any weaknesses in the country’s port security system. He also said that access into and around U.S. port facilities is difficult to secure without closing access to legitimate business and recreational port traffic.

While no port-related terrorist attacks have occurred in the United States, a large-scale maritime attack could cause mass casualties and economic disruption. Internationally, terrorists attacked the USS Cole and the French tanker Limburg and have attempted other attacks on maritime targets, thus illustrating terrorist groups’ interest in exploiting the vulnerability of the maritime domain.

Authorities

The FBI derives its roles and responsibilities for preventing and responding to maritime-related terrorist attacks against the United States from a series of statutes and directives. The U.S. Coast Guard also has law enforcement authority in the maritime domain and, according to the Maritime Transportation Security Act (MTSA), is the lead federal agency responsible for seaport security. U.S. Customs and Border Protection (CBP), part of the Department of Homeland Security (DHS), is responsible for preventing terrorists from using cargo containers to smuggle personnel or a WMD into the United States.

FBI General Authority

The FBI’s general law enforcement authority comes from 28 U.S.C. § 533, which grants the Attorney General the authority to appoint officials to detect and prosecute crimes against the United States. That statute recognizes the need for the FBI to work with other federal law enforcement agencies that may also have concurrent authorities for crimes the FBI may investigate. In implementing this statutory mandate, the Attorney General made this concurrent authority clear by promulgating 28 C.F.R. § 0.85 instructing the Director of the FBI to “Investigate violations of the laws, including the criminal drug laws, of the United States and collect evidence in cases in which the United States is or may be a party in interest, except in cases in which such responsibility is by statute or otherwise exclusively assigned to another investigative agency.”

The FBI’s statutory jurisdiction includes the “special maritime and territorial jurisdiction” defined in 18 U.S.C. § 7:

The high seas, any other waters within the admiralty and maritime jurisdiction of the United States and out of the jurisdiction of any particular State, and any vessel belonging in whole or in part to the United States or any citizen thereof, or to any corporation created by or under the laws of the United States, or of any State, Territory, District, or possession thereof, when such vessel is within the admiralty and maritime jurisdiction of the United States and out of the jurisdiction of any particular State ….

This jurisdictional definition applies to both terrorism-related crimes as well as any other criminal offense in Title 18 U.S.C. that specifically applies to the “special maritime and territorial jurisdiction of the United States.”

FBI Authority for Investigating Terrorism

In addition to the FBI’s general authority to investigate federal crimes, 18 U.S.C. § 2332b (f), “Acts of Terrorism Transcending National Boundaries,” gives the Attorney General lead investigative authority over terrorist crimes, as follows: “In addition to any other investigative authority with respect to violations of this title, the Attorney General shall have primary investigative responsibility for all federal crimes of terrorism …”

The definition of Federal Crimes of Terrorism, 18 U.S.C. § 2332, lists several violations within the maritime domain in which the FBI has primacy, including:

  • 18 U.S.C. § 2280 — violence against maritime navigation covering the hijacking, damage/destruction, or other violence aboard a vessel that endangers the safe navigation of that vessel,
  • 18 U.S.C. § 2281 — violence against maritime fixed platforms,
  • 18 U.S.C. § 1363 — damage to buildings or property within the special maritime and territorial jurisdiction of the United States,
  • 18 U.S.C. § 81 — arson within the special maritime and territorial jurisdiction, and
  • 18 U.S.C. § 2332f — bombings of places of public use, government facilities, public transportation systems and infrastructure facilities including waterways.

In 28 C.F.R. § 0.85, the Attorney General made the FBI’s role in investigating terrorism clear, including those situations which may involve concurrent authority, by instructing the Director of the FBI to:

Exercise Lead Agency responsibility in investigating all crimes for which it has primary or concurrent jurisdiction and which involve terrorist activities or acts in preparation of terrorist activities within the statutory jurisdiction of the United States. Within the United States, this would include the collection, coordination, analysis, management and dissemination of intelligence and criminal information as appropriate. If another Federal agency identifies an individual who is engaged in terrorist activities or in acts in preparation of terrorist activities, that agency is requested to promptly notify the FBI. Terrorism includes the unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.

Presidential Decision Directives (PDD) 39 and 62 reaffirm the existing statutory responsibilities for counterterrorism assigned to the FBI. In June 1995, 2 months after the bombing of the Murrah Federal Building, in Oklahoma City, the President issued PDD 39 to clarify U.S. counterterrorism policies. The PDD requires that “the Secretaries of State, Defense, Treasury, Energy and Transportation, the Attorney General, the Director of Central Intelligence and the Director, FBI shall ensure that their organizations’ counterterrorism capabilities within their present areas of responsibility are well managed, funded, and exercised.”

The PDD also directs that certain federal agencies, including the FBI take measures to:

  • reduce vulnerabilities and prevent and deter terrorist acts before they occur;
  • respond to terrorist acts that do occur (crisis management) and apprehend and punish terrorists; and
  • manage the consequences of terrorist acts.

The strategy outlined in PDD 39 incorporates the need to address terrorists’ potential use of WMD across the three elements listed above. PDD 39 gives the FBI responsibility for reducing the United States’ vulnerability to terrorism through an expanded program of counterterrorism and gives the FBI lead federal agency responsibility for crisis response and crisis management in the event of a terrorist attack on U.S. soil. Specifically, the FBI leads the operational response to a terrorist attack while performing law enforcement and investigative efforts to deter, preempt, apprehend, and prosecute terrorists.

In May 1998, the President issued PDD 62, which reaffirms the FBI’s lead agency role in crisis management for terrorist events occurring domestically and clarifies or establishes various agencies’ roles in the overall federal counterterrorism strategy.

United States Coast Guard

According to 14 U.S.C. § 2, the Coast Guard "shall enforce or assist in the enforcement of all applicable federal laws on, under, or over the high seas and waters subject to the jurisdiction of the United States," thereby granting the Coast Guard concurrent authority over maritime matters with other federal agencies.

The safety and protection of U.S. ports, waterways, and marine environment are governed by Title 33 of the U.S. Code. As provided by 33 U.S.C. § 1226 and § 1227, the Coast Guard has concurrent authority to prevent, respond to, or investigate an act of terrorism within its jurisdiction.

The FBI and Coast Guard entered into several memoranda of understanding (MOU) and other agreements, in which both federal agencies acknowledge their concurrent jurisdiction and the need for cooperation and coordination in the maritime domain. Most recently, in 1979 the FBI Director and the Coast Guard Commandant signed an MOU agreeing to a policy of mutual assistance in support of FBI and Coast Guard operations to counteract terrorist activities in the maritime environment. According to the MOU, the FBI:

  • maintains a large number of strategically located Special Weapons and Tactics (SWAT) teams;
  • has personnel trained to act as negotiators in dealing with terrorists’ demands; and
  • can use SWAT teams to suppress terrorists’ actions during direct confrontation scenarios.

The Coast Guard:

  • maintains and operates a large number of strategically located floating units, aircraft, vehicles, and shore stations; and
  • has trained personnel to react to law enforcement activities in a maritime environment.

This MOU was intended to eliminate delays in response time to terrorist activities and encourage procedures and contingency plans to combat terrorist activities in the maritime domain.

United States Customs and Border Protection

The Department of Homeland Security’s CBP, which enforces import and export laws and regulations, also has responsibilities for preventing terrorists and WMD from entering the United States. Specifically, CBP is responsible for preventing terrorists from exploiting vulnerabilities caused by the movement of millions of oceangoing containers. Because approximately nine million of these cargo containers arrive at U.S. seaports every year, it is not feasible for CBP inspectors to physically inspect each container. Instead, CBP inspectors, both at overseas and U.S. seaports, assess the risk of each container to determine which containers will undergo inspections. For those containers determined to be high-risk, CBP inspectors perform a non-intrusive examination, an intrusive inspection, or a combination of both. A non-intrusive examination may include one or more of the following techniques: use of an x-ray or gamma ray machine to identify anomalies in a container’s contents, radiation detectors to identify illegitimate radioactive material, and canine search for narcotics or explosives. An intrusive inspection generally involves a partial or total removal of a container’s contents.

Recent Legislation and Directives

Since the attacks of September 11, 2001, the federal government has been attempting to strengthen U.S. transportation and critical infrastructure security weaknesses. Seaports have been widely recognized as a critical vulnerability in the nation’s defense against terrorism.

In November 2002, Congress passed the Maritime Transportation Security Act, which mandated an increase in the Coast Guard’s responsibility in maritime terrorism prevention and response. The MTSA also requires the Secretary of Homeland Security, through the Coast Guard, to conduct a detailed vulnerability assessment of port facilities and vessels that may be involved in a transportation security incident. The vulnerability assessment must include the identification and evaluation of critical assets and infrastructures, identification of the threats to those assets and infrastructures, and identification of weaknesses in areas such as physical security, structural integrity, and contingency response.

The MTSA also requires that the Coast Guard develop a National Maritime Transportation Security Plan for deterring and responding to a transportation security incident at U.S. ports. This plan must identify: assignments of duties and responsibilities among responding federal, state, and local agencies; security resources; emergency procedures; and ranking of critical infrastructure.

The MTSA also directed the Coast Guard to create Maritime Safety and Security Teams (MSSTs) capable of rapidly responding to maritime terrorism threats to U.S. waters and ports. MSSTs are required to have the ability to conduct high-speed intercepts; board, search, and seize any harmful article in a vessel or port; and assist with vulnerability assessments of facilities. The MSSTs are directed to coordinate their activities with other responding agencies.

On December 21, 2004, the President issued National Security Presidential Directive 41/Homeland Security Presidential Directive 13, entitled “Maritime Security Policy,” outlining a policy to fully coordinate and integrate government-wide efforts to protect U.S. interests in the maritime domain. The directive requires the Secretaries of Defense and Homeland Security to jointly lead the interagency effort by drafting an overarching maritime domain strategy called the National Strategy for Maritime Security along with eight supporting plans.

The National Strategy for Maritime Security, issued in September 2005, attempts to align federal government maritime security programs into a comprehensive national effort involving federal, state, local, and private sector entities. The eight supporting plans address the specific threats and challenges of the maritime environment. One supporting plan, the October 2005 Maritime Operational Threat Response (MOTR) plan, details federal agencies’ protocols in responding to various maritime terrorism threats or incidents. The MOTR describes the U.S. government’s plan to respond to terrorist threats in the maritime domain, including the roles of the different federal agencies, protocols for lead and supporting agencies, and the need for additional planning. It calls for operating plans outlining how each lead agency will fulfill its responsibilities. The MOTR endorses capability-based planning, calling for all plans to assess the capabilities needed to meet the plan’s requirements and identify any gaps. [INFORMATION REDACTED]

Prior Reports

The Department of Justice (DOJ) Office of the Inspector General (OIG) and the Government Accountability Office (GAO) have conducted several audits that are relevant to our review of the FBI’s maritime terrorism efforts.

Department of Justice OIG

Since 2002, the OIG has published several reports discussing FBI counterterrorism programs and initiatives.

In September 2002, the OIG issued Audit Report 02-38, A Review of the Federal Bureau of Investigation's Counterterrorism Program: Threat Assessment, Strategic Planning, and Resource Management, which reviewed aspects of the FBI’s management of its counterterrorism resources. This report found that the FBI had not performed a comprehensive assessment of the terrorist threat facing the United States and that the FBI has adequately established strategic priorities or effectively allocated resources to its counterterrorism program. The report made 14 recommendations to the FBI, including:

  • prepare an authoritative written national-level threat and risk assessment of terrorism with a predictive and strategic view, including the potential use of WMD;
  • develop criteria for evaluating and prioritizing incoming threat information for analysis, and establish a protocol to guide the distribution of threat information; and
  • issue a policy on and develop a system for capturing and disseminating lessons learned from counterterrorism incidents, operations, and exercises.

In December 2003, the OIG issued Audit Report 04-10, The Federal Bureau of Investigation’s Efforts to Improve the Sharing of Intelligence and Other Information. The focus of this audit was to identify and evaluate corrective actions taken by the FBI to improve the sharing of intelligence and other information since the September 11, 2001, terrorist attacks. The OIG made six recommendations to improve the FBI’s ability to provide useful information within the FBI and to other federal, state, and local agencies. One recommendation stated the FBI should use its Concepts of Operations as a framework to establish a written policy and procedures for information sharing, including what types of information should be shared with specific parties, and under what circumstances.

In June 2005, the OIG issued Audit Report 05-27, Review of the Terrorist Screening Center (TSC). The TSC was created to consolidate government watch lists of suspected terrorists, and the FBI was designated as the lead agency responsible for administering the TSC. The OIG report provided 40 recommendations to the TSC to strengthen its operations. The OIG report highlighted the TSC’s need to create formal plans for automating greater outreach of threat information to particular target organizations and industries. For instance, the TSC should have a targeted maritime group with key government and private stakeholders. The OIG identified weaknesses in the consolidated watch list in the completeness and accuracy of data, and recommended that the TSC develop procedures to regularly review and test the information contained in the terrorist screening data base.

In addition, the OIG concluded that the management of the TSC call center and its staff needed improvement. The OIG recommended that the TSC establish protocols for the proper entry and review of data in the Encounter Management database and develop an automated method for flagging records in the database that require follow-up action. Likewise, the TSC needed to establish an automated method for entering call data and sharing this data with the FBI’s Counterterrorism (CT) Watch to eliminate redundancy and reduce the time it takes for CT Watch to receive the data.

Government Accountability Office

The GAO has also conducted reviews of the FBI, with several reports recommending the FBI initiate risk-management techniques and performance measures.

Since 1998, the GAO has consistently advocated the use of risk-management techniques to allocate the nation’s counterterrorism resources.2 In 1999, the GAO further recommended that the FBI conduct a national-level assessment to combat terrorism.3

In January 2005, the GAO issued Homeland Security: Agency Plans, Implementation, and Challenges Regarding the National Strategy for Homeland Security, which analyzes government-wide challenges in implementing counterterrorism and homeland security strategies. The report recognized that improving risk-management methods for resource allocation and investments is a challenge facing all federal departments with homeland security missions. A risk-management approach entails a continuous process of managing risk through a series of actions, including setting strategic goals and objectives, assessing risk, evaluating alternatives, selecting initiatives to undertake, and implementing and monitoring those initiatives. The report also discusses a second government-wide challenge, developing adequate performance measures for homeland security initiatives.



Footnotes
  1. Government Accountability Office. Combating Terrorism: Threat and Risk Assessments Can Help Prioritize and Target Program Investments(GAO/NSIAD-98-74), April 9, 1998.

  2. Government Accountability Office. Combating Terrorism: Need for Comprehensive Threat and Risk Assessments of Chemical and Biological Attacks (GAO/NSIAD-99-163), September 14, 1999.



« Previous Table of Contents Next »