Summary of Terrorism Threat to the U.S. Homeland

Duration:  This Bulletin will expire on or before January 18, 2020 at 1:00pm EST

  • The United States designated Iran a "State Sponsor of Terrorism" in 1984 and since then, Iran has actively engaged in or directed an arrary of violent and deadly acts against he United States and its citizens globally.  The United States deisgnated Iran's Islamic Revoluntionary Guard Corps (IRGC) a Foregin Terrorist Organization on April 15, 2019 for its direct involvement in terrorist plotting.
  • On January 2, 2020, the United States carried out a lethal strike in Iraq killing Iranian IRGC-Quds Force commander Qassem Soleimani while Soleimani was in Iraq.
  • Iranian leadership and several affiliated violent extremist organizations publicly stated they intend to retaliate against the United States.
  • At this time we have no information indicating a specific, credible threat to the Homeland.  Iran and its partners, such as Hizballah, have demonstrated the intent and cabability to conduct operation in the United States.
  • Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S. based targets.
  • Iran maintains a robust cyber program and can execute cyber attacks agains the United States.  Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.
  • Iran likely views terrorists activities as an option to deter or retaliate against its perceived adversaries.  In many instances, Iran has targeted United States interests through its partners such as Hizballah.
  • Homegrown Violent Extremists could capitalize on the heightened tensions to launch individual attacks.
  • An attack in the homeland may come with little or no warning.
  • The Department of Homeland Security is working closely with our federal, state, local, and private sector partners to detect and defend against threats to the Homeland, and will enhance security measures as necessary.

How You Can Help

  • Report suspicious activitiy to local law enforcement wo are best to offer specific details on terroristic indicators.
  • Report suspicious activity or information about a threat, including online activity, to fusion centers and the FBI's Field Offices - part of the Nationwide Suspicious Acitivity Reporting Initiative.

Be Prepared

  • Be prepared for cyber disruptions, suspicious emails, and network delays.
  • Be responsible for your personal safety.  Know where emergency exits and security personnel are located.  Carry emergency contact and special needs information with you.
  • Implement basic cyber hygience practices such as effecting datea backups and employing multi-factor authentication.  For more information visit CISA.gov
  • Connect, Plan, Train, and Report to prepare businesses & employees.  Security tools/resources can be accessed through the DHS's Hometown Security Campaign.

Stay Informed

  • The U.S. Government will provide additional information about any emerging threat as additional information is identified.  The public is encourage to listen to local law enforcement and public safety officials.
  • We urge Amercians to continue to travel, attend public events, and feely associate with others but remain vigilant and aware of your surroundings.

 

 

Recently, several experienced U.S. Coast Guard facilities inspectors reported finding these issues at numerous facilities:

  • Documented drills focused on portions of the facility not regulated by the Maritime Transportation Security Act (MTSA); often these drills were dictated by corporate headquarters.  Although inappropriately filed with MTSA-required documentation, these drills do not fulfill MTSA’s monthly requirement.
  • The same drills completed month after month.
  • Safety drills filed as security drills, although the drill was stopped before actually exercising any potential security nexus. (for example, a fire at the plant could result in the fire department being summoned, but drill stopped before Personnel with Security Duties (PSD) are tested for their ability to receive and appropriately direct arriving emergency personnel).

What does Seebald & Associates recommend?  Your documentation is critical to making a good impression on a Coast Guard inspector.   We recommend:

  • Minimize documents given to the U.S Coast Guard  Remove drill data older than 2 years.  Do NOT include drills that fail to exercise your Facility Security Plan (FSP) or that do not relate to your MTSA-regulated footprint. 
  • If necessary, educate your corporate headquarters regarding the U.S. Coast Guard’s exclusive focus on  your FSP and the MTSA-regulated footprint; if your HQ still requires drills outside this limited purview, file those drills separately from your MTSA-required FSO documents.  (When police stop a motorist and ask for license and registration, is it wise to also volunteer your tax returns?  No!)
  • Vary your drill material to eventually test every element of your FSP.  Vary shifts and weekend/weekdays, keeping everyone more alert.  Conducting the same drill every month breeds complacency.
  • Collaborate closely with your safety staff.  Allowing a safety drills to progress the point where security is also tested will maximize your facility’s drill effectiveness (“killing two birds with one stone”), enhance collaboration between facility personnel, and minimize lost operational time.  The same is true for those frequent safety briefs - ask to have a couple minutes to review security information, such as the requirements for “all other” personnel to know - especially before the U.S. Coast Guard comes to inspect!

... and remember vessels at the facility during your drills!  The regulations stipulate that the facility can't force a vessel to participate in a drill, but Seebald & Associates recommend inviting them to participate as a best practice.  At a minimum, the FSO should notify the vessel that the facility is (or will be) conducting a security drill.  Drills that involve suspicious activity/packages, breach of security/possible intruder, MARSEC increase, etc. - all of these and more should involve notifying the vessel, even if the vessel doesn't want to participate (or simulated vessel notification if no vessel is actually present).  

The National Response Center (NRC) recently changed how it wants to be notified in the event of a maritime and cybersecurity incident.  The NRC published a bulletin https://mariners.coastguard.blog/2019/12/04/reporting-security-incidents-to-national-response-center/, reminding owners and operators to ensure they list the NRC's 24-hour hotline, 800-424-8802, in their facility/vessel security plan.  Use of the telephone hotline ensures reliability and allows the NRC watchstander answering the phone to make sure all pertinent information is recorded.  The NRC NO LONGER provides an email address on its website for reporting incidents.

All Facility Security Officers (FSO) and Company Security Officers (CSO) of MTSA regulated 105 maritime facilities and 106 Outer Continental Shelf (OCS) facilities should take this opportunity to make changes to your Facility/OCS Facility Security Plans specifically for sections which list the contact information for the NRC.  Seebald & Associates recommends that FSO/CSOs update their standard operating procedures, quick response cards and contact checklists at all access points to ensure they are properly contacting the NRC.  FSOs/CSOs that review and update their FSPs should document this action as a security drill and ensure the change is communicated to all employees. 

Additionally, for cyber incidents that do not also involve physical or pollution effects, the Coast Guard allows reporting parties to call and report the incident to the National Cybersecurity and Communications Integration Center (NCCIC) in lieu of the NRC. NCCIC is a 24×7 cyber situational awareness, incident response, and management center staffed by watch standers who can also provide technical assistance following an incident. It is imperative that the reporting party inform the NCCIC that they are a Coast Guard regulated entity in order to satisfy the reporting requirements of 33 CFR 101.305. NCCIC can be reached at (888) 282-0870.

Coast Guard Policy Letter 08-16, “Reporting Suspicious Activities and Breaches of Security,” outlines the requirements for regulated vessels and facilities to report security incidents, in accordance with the 2002 Maritime Transportation Security Act.

Visit our website at www.seebald.com to learn more about our products, services and our exceptional team of maritime security professionals and to sign up to receive current maritime security news and updates. To request any of our maritime security products and services contact This email address is being protected from spambots. You need JavaScript enabled to view it..

Seafarer’s Access is in the news once again and it is time to prepare.  The Coast Guard’s Office of Port and Facility Compliance recently published a Marine Safety Information Bulletin on this topic, reminding facility operators of the requirements, including key dates.

In plain language, the purpose of the Seafarer’s Access Final Rule is to ensure that waterfront facilities have a way to accommodate mariners who wish to transit through a Maritime Transportation Security Act regulated facility in order to go into town, or to return to or join the ship.  The regulation also applies to pilots, and to members of Seafarer welfare organizations, like Seaman’s Church Institute. 

Most of us who work with mariners can appreciate the need to treat our seafarers with dignity, and to find ways to improve the quality of their lives without compromising security.

The next milestone in the Seafarer’s Access program is February 3, 2020.  By that date, facility operators must have a system for accommodating Seafarer Access documented in their Facility Security Plans.  This will require an amendment to your Facility Security Plan.  Given that the Coast Guard requires facility operators to submit amendments 60 days in advance, you should be working on those procedures now.

Not sure of what, exactly, is required or how to get it to the Coast Guard for approval?  Not to worry, Seebald & Associates are here to help.  We have been incorporating Seafarer Access procedures in our audits, and submitting the necessary amendments to the Coast Guard for approval, since the Final Rule was published.  We are also incorporating Seafarer Access into Facility Security Assessments and Facility Security Plans.

We are glad to review your plan and develop an amendment that will meet Coast Guard regulations and align with your business operations.  With Seebald & Associates, you have access to experts on Seafarer’s Access – and to the finest maritime security risk experts available anywhere. 

Seafarer’s Access is in the news once again and it is time to prepare.  The Coast Guard’s Office of Port and Facility Compliance recently published a Marine Safety Information Bulletin on this topic, reminding facility operators of the requirements, including key dates.

In plain language, the purpose of the Seafarer’s Access Final Rule is to ensure that waterfront facilities have a way to accommodate mariners who wish to transit through a Maritime Transportation Security Act regulated facility in order to go into town, or to return to or join the ship.  The regulation also applies to pilots, and to members of Seafarer welfare organizations, like Seaman’s Church Institute. 

Most of us who work with mariners can appreciate the need to treat our seafarers with dignity, and to find ways to improve the quality of their lives without compromising security.

The next milestone in the Seafarer’s Access program is February 3, 2020.  By that date, facility operators must have a system for accommodating Seafarer Access documented in their Facility Security Plans.  This will require an amendment to your Facility Security Plan.  Given that the Coast Guard requires facility operators to submit amendments 60 days in advance, you should be working on those procedures now.  By June 1, 2020, The facility owner or operator must implement their sytem of access.

Not sure of what, exactly, is required or how to get it to the Coast Guard for approval?  Not to worry, Seebald & Associates are here to help.  We have been incorporating Seafarer Access procedures in our audits, and submitting the necessary amendments to the Coast Guard for approval, since the Final Rule was published.  We are also incorporating Seafarer Access into Facility Security Assessments and Facility Security Plans.

We are glad to review your plan and develop an amendment that will meet Coast Guard regulations and align with your business operations.  With Seebald & Associates, you have access to experts on Seafarer’s Access – and to the finest maritime security risk experts available anywhere.