How TWIC Saves Time and Money at the Airport

Recently, a Seebald & Associates auditor had to make a last minute change in travel plans to meet a client’s needs.  While already on the road, Rich had to book a flight on an airline that didn’t already have his Known Traveler Number (KTN) in their database.  The KTN is the number TSA issues to people who complete the TSA PreCheck application process, including paying the fee.    

But that KTN was on a slip of paper back at home.  Without the KTN readily at hand or access to those speedy PreCheck lanes, how would Rich avoid the long security line?

Fear not gentle reader, for Rich was equipped with the mighty TWIC, and although it is not widely known, the TWIC identification number serves as the KTN.  Rich entered his TWIC number when making his reservation, sped through security, and was on his way to the client.

So if you already have a TWIC (and if you are reading this blog, you probably do), there is no need to apply separately, and pay an additional $85 fee for PreCheck.  You already have it.  Active TWIC card holders enter their TWIC credential identification number (CIN) in the KTN field of their airline reservation or in their airline rewards profile section.  The CIN is printed on the back of each TWIC card in the lower left-hand corner.

This change has been a long time coming but is welcome all the same.  For more information see the link below:

https://www.tsa.gov/news/press/releases/2020/07/08/active-twicr-and-hme-holders-can-use-their-credentials-obtain-tsa

We recently completed a Facility Security Assessment (FSA) which included a cybersecurity assessment in which we informed the IT/OT/Cybersecurity departments at a large refinery of the new requirement to have cybersecurity as part of the facility security plan (FSP).  We also made clear that there are required notifications of any cybersecurity incidents to the Facility Security Officer (FSO), National Response Center and the local Coast Guard Captain of the Port.  Shortly after completing the FSA, this refinery in the northeast was awash in phishing email attempts that were spurred by some recent changes.  The FSO attributes his recent FSO training and the FSA process in educating all necessary parties to the cyber requirements and with ensuring all required notifications were properly made and done so in a timely fashion.  

This cybersecurity threat was noticed when the entire company received suspicious emails regarding new administrative requirements and numerous employees contacted their cybersecurity department to investigate.  The cyber team did a superb job of determining that these were phishing emails and a companywide alert was sent out to that effect.  The FSO was notified so that the required notifications could be made.  The phishing attempts failed at inserting malware onto the companies’ network because of the quick action by the facility team. 

This thwarting of a full-blown potential cybersecurity incident is a perfect example of why all MTSA regulated facilities are required to conduct a cybersecurity assessment as part of the FSA and include a cybersecurity annex in their FSP, not to mention having current cyber policies and training. 

A reminder - all MTSA regulated facilities are required to conduct a cybersecurity assessment and include a cybersecurity annex to their FSP by their audit anniversary date September 30, 2022.

Released by Coast Guard Maritime Commons Blog

Beginning on Oct 1, 2021 facility owners and operators who have not already done so should submit FSP cyber amendments or annexes to their local Captain of the Port (COTP) as part of the facility's annual audit.

 

A fitting tribute for a murdered Coast Guardsman... thank you to Sheriff Karl Leonard and all of the law enforcement in the Central Virginia area for helping recognize this Coastie's service!

Things observed  …. Good, Bad, and Ugly.

Some facts remain indisputable, regardless of your political affiliation.   One such fact is this:  We live in a fallen world.    Most days it doesn’t touch us, so we mindlessly go about our daily lives oblivious to the crime, evil, and discontent that seems to occupy every minute of our newsfeeds.     And then, there it is — in our face, front and center.     Today I will put on my service dress uniform for the first time in five years to attend the funeral of Petty Officer Caroline Schollaert, who grew up just a few miles from my hometown.   She was ruthlessly killed last week in Jacksonville by a thief caught breaking into her car.  Caroline was 27.  He was 22.  A common thief, likely looking for pocket change to buy his next fix.  The obvious irony is that Caroline’s final duty station was HITRON, the U.S. Coast Guard’s elite airborne counter-drug interdiction unit.        

I heard about the killing a week ago today from Sheriff Karl Leonard, who is a retired Coast Guard reserve officer.  I live in his county.   Caroline will be laid to rest this afternoon just up the road from us.  As a gesture of honor bestowed only to fallen military and first responders, he offered to provide a police escort for Caroline’s body when it arrived at our local Airport last Tuesday.  To that end, he requested that I reach out to my former colleagues at LANTAREA to get the arrival details.  In my mind, I envisioned a few police cars in a short motorcade, perhaps a motorcycle or two, following a black hearse.   It would be a journey of about 25 miles into the rural Virginia Countryside.   I sensed that people would pay it little mind as they saw it pass, many of them grumbling under their breath as they impatiently glance at their watches over the extra minute or two they would have to spend at an intersection.   I would be proved wrong. 

The Sheriff made a few calls and graciously picked me up at my house in a squad car on Tuesday afternoon; we immediately proceeded to the airport to wait for the Coast Guard C-27J carrying Caroline’s body.    What happened over the next two hours will forever be etched into my memory, and every Coast Guardsman who witnessed it should thank Karl Leonard for pulling this together.    The scene was this:   At the entrance to the airport were a litany of law enforcement vehicles from multiple jurisdictions, all parked in perfect formation  — facing the road, with blue lights flashing.   Everyone new something important was about to happen.     Waiting in a the parking lot were even more of them: scores of local, state, and county police vehicles from all over.   Then no less than 150 Harley Davidson’s manned by “Patriot Riders” came roaring in — among them were veterans of all military services — colors flying proudly.   In a nearby hanger, temperatures hovering in the upper 90s, was a contingent of Coast Guardsman in full Service Dress, waiting to line up and render a salute to their fallen shipmate as she was carried out of plane, proceeded by her mother, father, brother, and fiancé.    The hearse was loaded.  Few words were spoken.   People got into their vehicles and the Harley Davidsons fired to life.     

As the procession pulled out of the airport, led by flashing blue lights and motorcycles extending as far as the eye could see, the officers and firefighters staged along the way all snapped to attention and rendered salutes.    The local fire station had prepositioned a ladder truck, boom extended.   Hanging from it was a giant National Ensign — the same ensign that the other part of America now denigrates.   But not here — not today.   The state police would not let a single car pass as we creeped along at half speed, even on the four-lane highway.    Respect was due.   Respect would be rendered. 

As we started to draw near the small rural community of Powhatan, we began to see citizens lining route 60, hands over hearts, holding flags, silently honoring a mother and father who’s precious daughter lay in a flag-draped coffin in the hearse ahead.   The closer we got, the denser the crowd.     It was indeed a sight to behold.   I saw an old man solemnly holding a Coast Guard Ensign as we slowly turned into the funeral home parking lot, now overflowing with more cars and Harleys than it had likely ever held.   Then I turned to the Sheriff and said “Thank you Sir.   I will never forget this.”   He turned and said, “No, this is what we do for each other.”   

Petty Officer Schollaert’s tragic death was bad.   It was ugly.   But in it we found some real Americans who are still good, and humble, and God fearing.”    No riots, no fires, no looting.   Just grief.

“Blessed are those who mourn, for they shall be comforted.”   — Matthew 5:4

W. D. Lee

VADM, USCG (ret)

Submitted by Coast Guard Cyber CommandMaritime Cyber Readiness Branch

The Marine Transportation System (MTS) should be on heightened alert as a result of two recent developments. The first is a cyber-attack impacting port operations at container terminals in several South African ports due to “an act of cyber-attack, security intrusion and sabotage.”[1][2] The impacted terminals use a popular Terminal Operating System (OS) widely used throughout the U.S., and certain processes handled by the Terminal OS were suspended as a result of the cyber-attack. The attack is believed to be related to the “Death Kitty” ransomware, although full details are still not available.

The second development is the recent release of leaked Iranian documents detailing research into how a cyber-attack could be used to target critical infrastructure, including MTS entities. [3] These documents cover research into topics such as how to use ballast water systems to sink a vessel and how to interfere with MTS satellite communications. 

Coast Guard Cyber Command is continuing to monitor these situations and is fully engaged with cybersecurity agencies worldwide to identify and take action to mitigate vulnerabilities and threats to the MTS.

The Coast Guard strongly encourages vessels and facilities operating in the MTS to take prompt action in the following areas:

  • Review controls protecting Operational Technology,
  • Closely monitor network and system logs for any signs of unusual activity,
  • Review incident response plans, security plans, business continuity plans, and disaster recovery plans,
  • After reviewing these plans, with the context of these recently identified threats, implement increased security measures to mitigate any identified vulnerabilities.

Any Breach of Security or Suspicious Activity resulting from Cybersecurity Incidents shall be reported to the National Response Center at 1-800-424-8802 in accordance with CG-5P Policy Letter No. 08-16, Sections 3.B.ii-iv. You are strongly encouraged to report any abnormal behavior with your operational technology to your local Coast Guard Captain of the Port or the CG Cyber Command 24×7 watch at 202-372-2904 or This email address is being protected from spambots. You need JavaScript enabled to view it., as it may related to the developments described in this article.

As part of the effort to protect the MTS, Coast Guard Cyber Command has created Cyber Protection Teams and the Maritime Cyber Readiness Branch as detailed in the Cyber Strategic Outlook released on August 3, 2021.  Additionally, the Coast Guard is in the process of hiring 40 individuals as Marine Transportation System Specialists (MTSS)-Cybersecurity, to further aide in the coordination of efforts at our Area, District, and Sector/Marine Safety Unit Commands to strengthen the MTS against cybersecurity attacks[4].  

If you are a stakeholder in the MTS and would like to assist in our effort to combat cybersecurity attacks against the MTS, please reach out to your local Captain of the Port to become a part of their Area Maritime Security Committee (AMSC).  Many Committees have established cybersecurity subcommittees for the specific purpose of hardening our nation’s ports against cybersecurity attacks.       

For additional questions contact This email address is being protected from spambots. You need JavaScript enabled to view it.

[1] S.Africa’s Transnet says will soon lift force majeure after cyberattack | Reuters, July 27, 2021.

[2] Cyber attacks expose the vulnerability of South Africa’s ports – ISS Africa

[3] Iran’s secret cyber files on how cargo ships and petrol stations could be attacked | World News | Sky News

[4] For more information on MTSS-Cybersecurity positions please continue to monitor USA Jobs USAJOBS – The Federal Government’s official employment site