Imagine the day a terrorist organization announces three shipping containers loaded with nuclear devices have arrived in Los Angeles, Rotterdam, and Shanghai. The devices will detonate in 24 hours, unless the United States satisfies certain demands. The cost in lives, treasure, and international relationships could be calamitous. As the White House weighs the risks and determines a response, how much confidence will we have in the integrity of the global supply chain?
Nuclear terrorism is a threat to worldwide peace and security. Deterrence will not restrain non-state actors, for whom there is no return address. Nuclear terrorists do not adhere to the ethics of just war that have defined the international order since Westphalia. Moral equality between combatants is nonexistent, and terrorists place no value on stability among sovereign nations. The strategies and practices (and luck) that somehow prevented a nuclear exchange between nations for the preceding 71 years provides little solace today in a world in which terrorists seek these weapons. A new strategy is required.
While the international order grapples with issues such as land reclamation, territorial annexation, and the impact of climate change, the threat of nuclear proliferation continues unabated. In 2014 James Clapper, U.S. Director of National Intelligence, indicated:
Nation-state efforts to develop or acquire weapons of mass destruction (WMD), their delivery systems, or their underlying technologies constitute a major threat to the security of the United States, its deployed troops, and allies. . . . Biological and chemical materials and technologies, almost always dual use, move easily in the globalized economy, as do personnel with the scientific experience to design and use them.1
Fifteen months earlier, in October 2012, Yukiya Amano, director general of the International Atomic Energy Agency, stated:
Terrorists having access to nuclear material is a real threat. They have developed a particular container to put enriched uranium in as samples. The groups repeat [deliveries] to defeat the preventive measures. This is a real threat.2
Regardless of the actual effectiveness of such containers against evolving detection systems, the intent to use them within the global supply chain indicates a vulnerability that one day may be leveraged to catastrophic effect. Currently about 1,900 metric tons of highly enriched uranium and separated plutonium exist in military and civilian stocks globally.3 Weapon-grade nuclear material is stored in hundreds of buildings around the world with varying levels of security. Non-state actors are committed to acquiring the raw materials for a dirty bomb or actual weapon of mass destruction. The stakes are exceptionally high as this marriage of destructive technology and evil intent has little precedent in history.
Proliferation Security Initiative
Historically, counterproliferation regimes such as the Proliferation Security Initiative (PSI) were associated with naval combatants, helicopters, and heavily armed boarding teams conducting interdictions of suspect vessels carrying illicit cargo. A focus on at-sea interdictions provided a positive central organizing function around which to build exercises for multilateral engagements.
Yet focusing primarily on air and sea interdictions is akin to the New England Patriots spending all season just practicing the two-minute drill. The two-minute drill is important and can yield victory in the fourth quarter of a football game. However, the last 2 minutes are irrelevant if the prior 58 minutes of offense, defense, and special teams were neglected. By the time a shipping container filled with illicit materials is loaded onto a 1,200-foot vessel bound for sea, the two-minute warning has been reached, and the counterproliferation game is virtually over.
The PSI was broadly conceived by the George W. Bush administration across all elements of interdiction capabilities and was not intended to focus solely on at-sea interdictions. Other functional areas include working within national and international legal frameworks, exchanging information, and implementing port-security measures as part of the global interdiction effort. Initially, the emphasis of maritime exercises on at-sea interdictions shifted the focus from these other important elements. In recent years, PSI participants have been shifting their focus back to port security, regional exercises, and critical capabilities and practices.
Trafficking & Proliferation in the Maritime Domain
Few appreciate the enormity of the seas. Seventy-one percent of the earth’s surface is covered by ocean, most of which is beyond the daily control and monitoring of states.4 Access to the maritime commons is available to anyone with a boat, and ocean travel has historically been lightly regulated. Coastlines are too vast to be effectively monitored. Maritime borders are porous. Terrorists and illicit traffickers can use the size of the maritime commons to disguise their proliferation activities.
The oceans are also the arteries of globalization and the pathways of trade. On any given day, more than 49,000 ships are at sea, carrying the commodities and goods that underwrite the global economy. In addition, thousands of small vessels not requiring compliance with International Maritime Organization tracking standards and any number of vessels that choose not to comply are also at sea.
Bad actors are bypassing counterproliferation protocols through vulnerabilities in the global supply chain. They are increasingly taking advantage of legitimate trade and the global maritime commons to move their illicit materials. Seams in port-security protocols, patchy maritime-domain awareness, inconsistent coordination, and poor governance are enabling the illicit transshipment of dangerous cargoes. While there has been significant advancement in international collaboration through the PSI, it is time to align programs and incentives that better integrate governments, industry, and law enforcement.
Containerization presents illicit traffickers with an attractive means for transporting their goods. Michael Jenks and Hugh Griffiths, in a 2012 Stockholm International Research Institute Report, wrote:
the advent of containerization in particular has given non-state actors . . . unprecedented opportunities to integrate their activities into the global supply chain. Containerization provides trafficking and proliferation networks with the same cost- and time-saving transport mechanisms that have allowed the world’s multinational companies to deliver their products quickly and cheaply, penetrate new markets and expand their global customer base.5
In 2010, the U.S. Department of State declared that containers were the “most cost effective and lowest-risk method of transporting cocaine to distribution centers in Europe and the USA.”6 From 2007–2011, drug traffickers were thought to have used containers or vessels from the ten largest global shipping companies to deliver narcotics and their precursor chemicals to Africa, Europe, and North America.7
Traffickers in the Cyber Domain
Traffickers also are exploiting legitimate computer network systems to disguise their smuggling operations. In 2013, Europol Director Rob Wainwright described organized crime’s “new business model,” which employs cyber attacks to smuggle illicit goods. A Dutch drug trafficking organization hired IT system hackers to compromise networks that controlled the movement of shipping containers in the Port of Antwerp. The containers were filled with legitimate cargoes such as timber and bananas that helped conceal cocaine and heroin. Once the hackers identified the location of the targeted containers and the associated security measures, the traffickers sent in truck drivers to retrieve the containers before the legitimate drivers arrived. The traffickers’ alternative strategy was to hijack the truck after it left the port, with the driver unaware of the container’s contents. In January 2013, a legitimate truck driver was shot at (but unharmed) after he picked up a container with concealed cocaine and departed the terminal.8
U.S. ports also are susceptible to this smuggling tactic. Companies associated with the movement of containers have access to IT systems that track their movements. By providing automatic email or text updates on the status of shipping containers, the systems promote commercial efficiency and the just-in-time nature of maritime trade. They also present opportunities for sophisticated hackers and patient adversaries to exploit the data for illicit smuggling.
Insider Threat
The supply chain is highly susceptible to compromise by company employees. U.S. Customs and Border Protection calls them “internal conspirators.” Internal conspiracy is the cheapest and easiest method of smuggling. Transnational organized crime organizations (TCOs) have been successful at targeting employees by collecting data and monitoring their daily schedules. TCOs recruit employees with criminal records and weak moral character. They also target employees in financial distress who might be tempted by low-risk work that can produce a substantial monetary reward.
The internal conspirator’s job may be as simple as gathering data about shipping routes, entering fictitious data on a cargo manifest, or serving as a lookout.9 As societies continue to tighten their security protocols (e.g., the use of security cameras around cities, in buildings, and at street intersections), the internal conspirator becomes an increasingly attractive tool for illicit traffickers.
Illicit Traffickers in Global Corporations
In November 2013, the Mexican government seized control of its largest seaport, Lazaro Cardenas. Local customs officials and police officers were suspended. The Mexican Navy took complete control of port-security protocols. The reason? The Knights Templar, a Mexican criminal organization based in the western state of Michoacán, had effectively taken control of port operations through extortion, intimidation, and corruption. The cartel exploited Mexico’s iron-ore trade with China by controlling the Michoacán mines, prospectors, and means of ground transportation. Once the product reached Lazaro Cardenas, the Knights Templar pressured customs officials to ensure their iron ore was handled without government disruption.10
“The Knights Templar have enormous control over Lazaro Cardenas,” a Mexican security official told The Washington Post. “They are less involved in drug trafficking than they are in charging for each container that enters.”11
The cartel’s takeover of Lazaro Cardenas, a port with one of the largest container operations in the Western hemisphere, should set off alarm bells around the world. The influence of the Knights Templar in Lazaro Cardenas demonstrates the limits of modern security regimes to overcome widespread corruption or government ineffectiveness in a seaport. Proliferation and trafficking organizations are increasingly sophisticated in exploiting port-security vulnerabilities and poor governance to accomplish their objectives.
Marriage of Customs & Corporations
Port-security programs are more likely than at-sea interdictions to disrupt the international transfer of weapons of mass destruction (WMDs) and associated materials. Finding WMDs or dual-use materials on ships at sea is laborious, and in some cases physically infeasible. This is especially true with large container vessels, which transport about 90 percent of the world’s non-bulk cargo.12 The largest vessels, classified as ultra-large container vessels, are 1,200 feet long and can carry upwards of 14,000–15,000 twenty-foot equivalent units.13
Vessels and port facilities adhere to tight schedules. To reduce inventory costs, the global supply chain is based on a just-in-time system. This does not prohibit a state, operating within national or international law, from interdicting a vessel at sea. It may, however, raise the threshold for conducting an inspection at sea and delaying the vessel’s arrival at her next port of call.
U.S. and foreign customs officials, located in every major seaport around the world, are more likely than special forces to prevent a terrorist from detonating a nuclear device in the United States. Companies such as Walmart have the access and economic incentives to safeguard global supply chains. Customs officials and corporations should play a more prominent role in global counterproliferation strategies. Economic incentives, not military clout, are the answer. Three existing U.S. government programs should be the launching points for a different approach to counterproliferation.
Role of Legitimate Business
The Customs-Trade Partnership Against Terrorism (C-TPAT) program is the best example of government and industry collaboration in support of international supply-chain security. U.S. Customs and Border Protection (USCBP) developed the program in November 2001.14 Its objective is to secure the flow of goods across their life cycles, from raw materials to finished products, into the United States. C-TPAT started with seven companies. Participation has grown to more than 10,000 business partners who collaborate with USCBP to study supply chains, assess risks, and develop protocols to manage those risks.
In exchange for their voluntary participation and successful compliance, companies enjoy expedited customs processing, front-of-the-line privileges, and access to security advisers. C-TPAT partners include importers, manufacturers, carriers, brokers, port operators, and intermediaries. There can be significant financial costs to participate in C-TPAT. In 2011, USCBP completed its C-TPAT Costs & Savings Survey. The cost to implement C-TPAT ranged from $280 to $4 million. Business partners, however, also reported cost savings ranging from as low as $50 to as high as $52 million.15
Participation in C-TPAT is an investment. It has a compound effect across the supply chain that cannot be replicated or imposed through regulation by governments. A conservative estimate of the financial investment in supply-chain security by C-TPAT business partners is on the scale of billions, not millions, of dollars. This money was invested by industry, not by governments, in every corner of commercial operations. It reduced risk and improved supply-chain efficiency.
This ever-expanding web of public-private cooperation leverages the unparalleled reach of commercial enterprises to secure their own supply chains. Governments simply do not have the resources, expertise, and monitoring systems to guarantee the integrity of goods as they flow around the world. Industry has considerable financial incentives to prevent terrorism through trade and partnering with governments to obtain front-of-the-line privileges. By taking ownership in preserving the integrity of its own transportation and trade systems, industry can achieve results well beyond the reach of governments.
As one element of a distributed security framework, C-TPAT could transform the global counterproliferation regime complex because of its unique focus on supply-chain security and public-private partnerships. The concept could be expanded to other contact points between government and commerce, such as insurance, shipbuilding, and maritime information technology.
Seaport Antiterrorism Measures
The International Maritime Organization (IMO) developed the International Ship and Port Facility Security (ISPS) Code after the terrorist attacks of 11 September 2001. The IMO describes the ISPS Code as “a comprehensive set of measures to enhance the security of ships and port facilities, developed in response to the perceived threats to ships and port facilities in the wake of the 9/11 attacks in the United States.”16
Countries that wish to trade with the United States must adhere to the ISPS Code or face potentially negative consequences. Since 2002, the U.S. Coast Guard has used the ISPS Code to assess antiterrorism measures in more than 800 ports in 154 countries.17 The Coast Guard considers various factors in its evaluations, including governance and facility security protocols. Government responsibility is also a critical indicator of risk. The more responsibility and commitment to security demonstrated by a state, the more credibility the Coast Guard allots to the integrity of its port facilities and vessels.
Transparency and economic incentives are persuasive tools in the port-security realm. The Coast Guard lists countries that do not maintain effective antiterrorism measures on a publicly accessible website. The Coast Guard also announces the countries in a Notice in the Federal Register.18 When this article went to press, 17 countries were listed; Cuba had been removed in March.19
Publicly identifying countries with inadequate antiterrorism measures can compel compliance with the ISPS Code. For the Republic of Nauru, an island country in the South Pacific with fewer than 10,000 citizens and 10 square miles of land, the economic consequences can be devastating.20 Nauru was out of compliance with the ISPS Code for several months in 2005. As a result, Nauru’s seaborne exports to the United States declined from weekly to monthly—a 75 percent reduction. Nauru quickly took steps to regain compliance with the ISPS Code and resume its normal trade pattern with the United States.21
Like the United States, leaders in maritime trade should use their economic clout to improve maritime governance and antiterrorism measures. Trade agreements and partnerships should leverage international standards like the ISPS Code to impose minimum port-security standards. Using both carrots and sticks in the maritime domain can institutionalize stronger security protocols at the national level and tighten the web of global counterproliferation regimes.
Last Line of Defense
The U.S. Customs Service established the Container Security Initiative (CSI) in 2002. Four years later, Congress embedded the CSI in the Security and Accountability for Every Port Act of 2006 and required development of “minimum standards and procedures for securing containers” bound for the United States. One year later, the implementing recommendations of the 9/11 Commission Act of 2007 required 100 percent of all containers bound for the United States to be scanned at foreign ports with radiation detection and imaging equipment.
The CSI places U.S. Customs and Border Protection officers in foreign ports to collaborate with local officials to screen high-risk containers and interdict nuclear materials before they are loaded on ships bound for the United States. Currently 58 foreign ports, which account for 80 percent of the containers bound for the United States, participate in the CSI.22
The CSI is a risk-based approach to finding the “needle in a haystack,” by using limited resources, without bringing global trade to a standstill. The value of the program for the United States is that it pushes the borders farther away from the homeland. Instead of waiting for a container of illicit materials to reach cities such as New York, the CSI employs detection technology in countries including Pakistan, Malaysia, and Egypt to interdict illicit materials earlier in the supply chain. Partner countries are encouraged to send customs officers to seaports in the United States to screen containerized cargo bound for their ports. This reciprocity is an important mechanism that reduces the overall risk of global proliferation. Ultimately, the CSI provides another layer of security that escalates a trafficker’s costs and risk, increases the opportunities for detecting illicit materials, and promotes counterproliferation regimes such as the Proliferation Security Initiative.
The proliferation of WMDs is an international problem for which military solutions are largely inadequate. An approach that weaves together the power of economic incentives, the force of government security programs, and the ubiquity of commercial industry is an absolute necessity to prevent a U.S. port from becoming the next Ground Zero.
1. James R. Clapper, Statement of the Record, Worldwide Threat Assessment of the U.S. Intelligence Community, Senate Select Committee on Intelligence, 29 January 2014, www.dni.gov/index.php/newsroom/testimonies/203-congressional-testimonies-2014/1005-statement-for-the-record-worldwide-threat-assessment-of-the-us-intelligence-community.
2. Damien McElroy, “Terrorists Acquire Nuclear Container to Smuggle Uranium,” The Telegraph, 17 October 2012.
3. White House Fact Sheet, “The Nuclear Security Summits: Securing the World From Nuclear Terrorism,” 29 March 2016, www.whitehouse.gov/the-press-office/2016/03/29/fact-sheet-nuclear-security-summits-securing-world-nuclear-terrorism.
4. “The U.S. Coast Guard Strategy for Maritime Safety, Security, and Stewardship,” 19 January 2007, www.uscg.mil/history/allen/docs/USCGS2007Final.pdf.
5. Hugh Griffiths and Michael Jenks, “Maritime Transport and Destabilizing Commodity Flows,” Stockholm International Peace Research Institute, January 2012, 37. http://books.sipri.org/product_info?c_product_id=441.
6. Ibid., 47.
7. Ibid., 35.
8. Tom Bateman, “Police Warning after Drug Traffickers’ Cyber-Attack,” BBC News Europe, 18 October 2013, www.bbc.com/news/world-europe-24539417?print=true.
9. U.S. Customs and Border Protection, “Internal Conspiracies and PIA,” 2013, www.cbp.gov/document/forms/internal-conspiracies-pia.
10. David Graham, “Chinese Iron Trade Fuels Port Clash with Mexican Drug Cartel,” 1 January 2014, http://finance.yahoo.com/news/chinese-iron-trade-fuels-port-clash-mexican-drug-180408624--sector.html.
11. Joshua Partlow, “Mexican Army Has Taken Control of Major Port in Effort to Combat Drug Cartel,” The Washington Post, 1 December 2013.
12. Maritime Connector, http://maritime-connector.com/wiki/dry-cargo/.
13. Every 20 feet of container is equivalent to one TEU.
14. U.S. Customs and Border Protection website, www.cbp.gov/border-security/ports-entry/cargo-security/c-tpat-customs-trade-partnership-against-terrorism.
15. United States Government Accountability Office, “Supply Chain Security: DHS Could Improve Cargo Security by Periodically Assessing Risks from Foreign Ports,” September 2013, 5,9, www.gao.gov/assets/660/657893.pdf.
16. “ISPS Code,” www.imo.org/fr/OurWork/Security/Instruments/Pages/ISPSCode.aspx.
17. CAPT Michael Brown, USCG (Ret.), Chief, U.S. Coast Guard International Port Security Evaluation Division, interview with authors at USCG Headquarters, 19 November 2013.
18. CAPT Michael Brown, email to author, 30 May 2014.
19. “Port Security Advisory,” https://homeport.uscg.mil.
20. Central Intelligence Agency Library, “The World Factbook: Nauru” https://www.cia.gov/library/publications/the-world-factbook/geos/nr.html
21. CAPT Michael Brown, USCG (Ret.), interview with CAPT Geoff Gagnier at USCG Headquarters, 19 March 2014.
22. “Container Security Initiative Ports,” Department of Homeland Security, www.cbp.gov/border-security/ports-entry/cargo-security/csi/csi-brief.
Captain LeGree is Deputy Commodore of Amphibious Squadron Eight. He is a Navy surface warfare officer.