Stephen Flynn

Position: Jeane J. Kirkpatrick Senior Fellow for National Security Studies, Council on Foreign Relations

Issue: Container security. The cargo shipping system moves tens of millions of containers around the world each year by train, truck, and ship, with next to no security. What can technology do to make the system less vulnerable to terrorist attacks?

Personal Point of Impact: Using security expertise garnered as a U.S. Coast Guard commander, helped initiate Operation Safe Commerce, a $58 million federal pilot project to test container security technologies at the Port of New York and New Jersey, the Ports of Los Angeles and Long Beach, and the Ports of Seattle and Tacoma

Technology Review: How vulnerable is the cargo shipping system to attack?

Stephen Flynn: The system was designed with virtually no security built into it. Is there an opportunity to put a weapon of mass destruction into the system? Yes. Anybody on the planet who has between $3,000 and $5,000 can get a 40-foot [12-meter] box dropped off at their home or backed up to their workplace. They can load it with up to 32 tons [29 metric tons] of material, close the doors, put a 50-cent lead seal on it, and it’ll be off to the races.

TR: There’s no inspection of the containers?

Flynn: The Bureau of Customs and Border Protection only inspects those containers it has determined to be “high risk.” The figure that’s in use today is that 4 percent of all containers are somehow physically inspected. There aren’t really firm standards set for inspection. It could be the inspectors simply looked at the documentation. It could mean that they looked at the seal to see that the seal hadn’t been tampered with, or they looked at the exterior of the box to check that the thing hadn’t been breached. It could mean that they physically opened the back door, and everything looked fine in the dark, and they closed it back up. It could mean that they ran a nonintrusive scanner to x-ray the interior. Or it could mean that they opened up the box and took everything out and looked it over. Since a container can hold up to 32 tons of material, unladening or “unstuffing” the box is very rare.

TR: That doesn’t sound very secure.

Flynn: It shouldn’t. But the real question here is, how can we be confident the other 96 percent are low risk? The targeting system used by U.S. government agencies to trigger an inspection relies heavily on the cargo manifest. The manifest is supplied by the transportation provider, such as a shipping company, but it’s essentially secondhand information. The manifest says, “This is what my customer tells me that I’m shipping, and I’m going to take his word for it.” The transportation provider doesn’t do any verification of its own.

TR: What would happen if terrorists did blow up a container?

Flynn: If you had even one container go off, or if it’s al-Qaeda-style, you have three, then it immediately will raise the question in America’s mind: if this one box could go off, which was presumed to be legitimate, what about all the other boxes? And the answer right now would be we really don’t know. So the political imperative will be that you will shut the system down until you can sort it out.

Within about three weeks, you’ll shut down the global trade system, because you’ve got 90 percent of general merchandise, virtually everything that goes into retailing, everything that goes into the manufacturing sector, moving in these ubiquitous 40-by-8-foot [12-by-2.4-meter] boxes. And it doesn’t have to be a weapon of mass destruction. It can be just a reasonably high-end conventional explosive, like a major truck bomb.

TR: What effect would shutting down the system have?

Flynn: It means global recession. Probably global depression. The person on the street may think, “I’ll just go to Wal-Mart and get what I need.” Well, Wal-Mart, within two weeks, will have nothing on the shelves. Because there are no warehouses: their warehouse is in the transportation and distribution system. So it’s a tremendous vulnerability that has cascading effects, not just for the bottom line, but for the daily lives of Americans. A good example is the West Coast longshoremen lockout of the fall of 2002. It’s estimated this 10-day event cost the U.S. economy over $20 billion.

TR: Are there technologies out there that could improve security?

Flynn: The good news is that there are, and they’re off the shelf, or near off the shelf. One key thing is the need to track the containers that move through the system. The technology for this is a combination of Global Positioning System and radio frequency identification [RFID] technologies. We don’t need to have real-time data about where every box is. We need to capture a record of where the boxes have been, and then at key points we interrogate the box to find out, “Where have you been, what have you been up to?” That can get downloaded through RFID. Then that information gets relayed to somebody who decides, “Oh, there’s information here that arouses my concern. Before this box is allowed into this loading port, I want it set aside so we can check on it. All the other boxes can keep going.” But there may be some places where, because there’s particularly high risk of other things happening, such as cargo theft, you want real-time GPS tracking.

TR: What about checking to make sure the boxes haven’t been tampered with?

Flynn: The kinds of things we’re looking at are sensors built into the box that can pick up things like light, or change in barometric pressure, or change in temperature, which would only come from somebody breaching the wall of the container or opening the door. And then there are other sensors out there for dealing with very important issues like radiation. All these sensors are important, because you can literally punch your way through the boxes. It takes next to nothing to breach a container.

TR: How do you integrate the tracking and sensor technologies?

Flynn: When the sensor goes off, the location of the box should be logged, and then I want that information stored until the box gets to a point where I can act on it, like a loading port. There, it goes through an RFID interrogator that says, “A box is coming in, here’s the box’s data, and whoops, the sensor went off.” We can find out just where that was. And then the terminal operator can say, “I don’t want that box in here. Let’s shift it off over to this-hopefully safer-area here, and then we’ll go through and do an inspection.”

TR: How much will all this technology cost?

Flynn: Equipment that monitors the position and integrity of the cargo would likely cost from $100 to $200 per box. Built-in sensors that could detect chemical and radiological materials would add another $50. Affordable and dependable sensors for biological agents are probably still a couple of years away but will come in about that price as well. A container has a typical life span of 10 years and is used up to five times per year, so even if the final installation and maintenance price tag came in at $500, and the sensors were replaced every five years, the cost of the “smart box” technologies could be as low as $10 to $20 per use. To put that figure into context, transpacific freight rates have fluctuated by more than $1,000 per container over the past 18 months with no measurable impact on world trade.

TR: Couldn’t the bad guys find a way around these technologies?

Flynn: The bad guys who are sophisticated will compromise your system-block your sensor, jam the signal, they’ll do all those things. But security works when you build layers. Each layer itself doesn’t have to be perfect. But collectively they create a pretty powerful deterrent. And it’ll get you to the point where these guys say, “This is not a system that I want to mess with,” versus the one we have right now, which is practically an open invitation for terrorists to do their worst.