Back to National Journal
2 of 10 results     Previous Story  | Next Story  | Back to Results List

08-10-2002

NATIONAL SECURITY: Hardening the Targets

If you start thinking like a terrorist, America presents so many targets
that it is hard to list them all. From movie theaters and sports stadiums
to car ferries and food supplies, this vast country has vulnerabilities
aplenty. The trick is figuring out which ones are more likely to be
targets than others and how much money is reasonable to spend to make them
safer. And those who think about these vulnerabilities also have to judge
how much freedom and liberty has to be surrendered for the sake of
security. It's not an easy task. But a lot of people, in government and in
industry, are working on it. And so far, the accomplishments are
uneven.

Air Transportation

Transportation Security Administration: C

Most aviation experts agree that the nation's airport security is much better than it was before September 11. And a year from now, they say, it will be much better than it is today. But the system is certainly not perfect today-and unfortunately, it never will be.

One of the government's first post-9/11 actions was creating the Transportation Security Administration last November to supervise security for the nation's airways, railways, roadways, and waterways. Because of the difficult airport security deadlines it faces later this year, however, the TSA has spent most of its energy and resources on aviation.

The new agency, originally placed within the Transportation Department, has been on a constant bureaucratic roller-coaster ride. In July, its chief, John W. Magaw, was forced to resign after complaints over lack of progress in meeting deadlines and over his poor communication with Congress and aviation interests. Adm. James M. Loy, the former commandant of the U.S. Coast Guard, has replaced Magaw. In addition, it's quite likely that the TSA will move from the Transportation Department into the new Department of Homeland Security.

While experts give the TSA high marks for its attempts to bolster security, they say the agency has come up short in many areas. For example, government tests show that screeners are still allowing too many prohibited items to get past airport security checkpoints. The TSA has also been criticized for moving too slowly in implementing two key provisions of last year's airport security legislation: federalizing the workforce of screeners, and meeting the deadline to screen all passenger bags through explosive-detection machines.

But those shortcomings aren't entirely the TSA's fault. The deadlines and standards that Congress set for the agency were ambitious and unprecedented. As James K. Coyne, president of the National Air Transportation Association, put it, "They're trying to pass a course that no one can pass."

Cockpit Doors: C

Immediately after the September 11 attacks, the Federal Aviation Administration established a rule mandating that the airlines secure their cockpit doors, through either a deadbolt lock or a steel bar. That, however, was just a stopgap measure. In January, the FAA passed another emergency rule, which required the airlines to install bulletproof-even grenade-proof-cockpit doors by April 2003.

Yet things got off to a slow start. Peggy Gilligan, the FAA's deputy associate administrator for regulation and certification, says initial door designs created pressurization problems in the cabin. But that was eventually solved, and the FAA has approved designs for some of the major Boeing and Airbus models. Gilligan says that installation of these doors has finally begun.

But not everyone is optimistic that the deadline will be met. Michael Wascom, spokesman for the Air Transport Association, which represents the major air carriers, says that the models certified by the FAA account for only about one-third of the fleet of ATA member companies. With the deadline approaching, he said, the delay in certification "has greatly reduced the time available to install these essential upgrades."

Another problem is the cost of the hardened doors, which is estimated to be from $30,000 to $50,000 each. The airlines have complained that the government hasn't given them enough money for the installation. Despite these worries, the FAA's Gilligan says that the deadline will be met. "We are not only optimistic," she said. "We are sure."

Air Marshals: B

This is the one security effort that has seen the most progress. On September 11, the number of federal air marshals stood at fewer than 50. Today, their ranks have exploded to a reported 2,000; however, the Transportation Department maintains that the actual number is classified. Air marshals receive 12 to 15 weeks of training-in airports, at firing ranges, and inside practice aircraft-and they have the highest shooting qualification standards of all law enforcement agencies.

At a recent congressional hearing, Michael P. Jackson, the Transportation Department's deputy secretary, said that the department had established an ambitious goal in November to expand the air marshal program, and that the target is being met. "We have nailed those goals to the wall," he said.

Despite this apparent progress and the air marshals' impressive shooting skills, one glaring shortcoming remains: There still aren't enough marshals. Indeed, these marshals-who usually work in pairs or in groups of three or more-ride on just a fraction of the nation's 35,000 daily flights. And that's one reason why many in Congress and the aviation community have pushed to allow pilots to carry guns in the cockpit.

Baggage Screening: D

Just two months after the airport security bill was signed into law, the TSA had to meet its first big deadline: to be screening all passenger bags by January 18, 2002. Despite Transportation Secretary Norman Mineta's doubts about whether the TSA could meet that goal-after all, the airlines had been screening fewer than 5 percent of bags before the law's passage-the job got done through a hodgepodge of methods, such as positive bag-matches, bomb-sniffing dogs, and screening by hand.

But the TSA now faces a tougher deadline: to ensure that all bags are being checked through explosive-detection systems (EDS) or trace-detection machines by December 31. To meet this goal, the TSA will need to deploy 1,100 EDS and 6,000 trace machines. The Transportation Department's inspector general has noted that such an effort has never been attempted: It represents three times the amount of such equipment currently deployed at airports worldwide. As of July 9, only 215 of the EDS machines and 273 of the trace machines were in use.

Airports must be reconfigured to fit the SUV-sized EDS machines, a job that costs time and money. And operating the labor-intensive trace machines will require a checked-baggage workforce of 21,600, which could crowd airport lobbies and cause delays. Consequently, most observers don't believe the TSA will meet the deadline. "They are a year away," said one transportation lobbyist. "I don't think the equipment will be in place" by December 31.

The good news for the TSA is that the House extended this deadline by up to a year in its recently passed Homeland Security Department bill. Whether that extension becomes law, however, is still anyone's guess.

Passenger Screening: C

Despite the intense scrutiny on airport screening, the system still has plenty of holes. From November to February, the DOT inspector general's office conducted tests at 32 airports and discovered that screeners failed to detect knives, guns, and explosives in 48 percent of the tests. In another round of tests the TSA conducted in June, screeners still failed to find these prohibited items 24 percent of the time.

The administration, however, has been quick to counter that the screening workforce in those tests hadn't yet been federalized; in most cases, the screeners who failed these tests were the same ones who were working before September 11. That is correct. The airport security legislation that was signed into law last fall transferred control of the screening workforce from the airlines to the federal government. Under the law, the TSA must hire and deploy this workforce-which is estimated to be 33,000 screeners and managers-by November 19, 2002.

Unfortunately, the TSA has been moving slowly. As of July 13, it had hired, trained, and deployed only 2,475 screeners, just a fraction of the workforce it envisions. To meet its goal, the TSA will have to hire and train more than 7,600 screeners per month over the next four months. Yet according to Mineta, the plan that DOT created to federalize this workforce was designed to begin slowly, and it was understood that most of the hires would come later in the process. In fact, the TSA says it has already hired 8,000 screeners. "We are on schedule," Mineta recently told Congress.

Crew Training/ Worker Security: C

Before September 11, terrorists had hijacked planes only to get to a foreign country (such as Cuba), or to negotiate for something they desired (such as release of prisoners). But the concept of a hijacking changed when terrorists took control of American airliners and slammed them into the World Trade Center and the Pentagon. Not surprisingly, pilots and flight attendants have begun to rethink their approach to hijackings. Duane E. Woerth, president of the Air Line Pilots Association, says that the pilots, flight attendants, and airlines have worked together to develop a "common strategy" to respond to future suicide hijackings. For security reasons, he won't reveal the specifics, but Woerth explains that the strategy involves enhancing communication among the pilots, flight attendants, and air marshals.

But according to Patricia Friend, president of the Association of Flight Attendants, not enough has been done on the training front, particularly when it comes to flight attendants. While the airport security legislation addressed flight-attendant training, Friend says the language wasn't specific enough to improve things. She argues that in some cases airlines have offered only two or three hours of additional training, and that "under the current system, we are no better prepared to fight off an attacker in the cabin than we were on September 11, and that is unacceptable." The Association of Flight Attendants is currently supporting legislation in Congress that would set detailed requirements for cabin crew training programs.

The TSA has mandated that all airport workers with access to secure areas undergo criminal background checks. Having committed any of some 30-odd crimes will disqualify workers from employment. The TSA has until November to complete these checks, although the agency says that most of them are already completed.

But Friend finds plenty of holes in the system. She explains that because many airports have employee entrances that provide access to the gates and lobbies, anyone who can get inside the employee entrance has access to the entire airport. Because there are no magnetometers at the employee entrances, she said, people can show up with a photo ID, but "no one knows what they are carrying."

On the other hand, some airline employees complain they are subjected to the same random searches and checkpoints that all passengers must go through-even though these employees have undergone background checks and have keys to the cockpits. Such indiscriminate searching is "ridiculous," said Woerth. "We treat every citizen as [a threat equal] to Mohamed Atta." The Air Line Pilots Association and several airlines have been pushing the TSA to introduce some sort of a universal ID card for airline employees that would incorporate a retinal scan or fingerprint. The TSA has said it's considering the proposal.

General Aviation/Small Airports: D

The TSA has established a classified security program for general aviation operators. James Coyne, president of the National Air Transportation Association, which represents general aviation interests, says his industry has come up with its own security advice for operators in dealing with the airport, the aircraft, and the people in the planes. In addition, since September 11 general aviation operators have a heightened awareness about security.

Still, the government hasn't been paying much attention to general aviation. In testimony before the Senate Commerce, Science, and Transportation Committee, the General Accounting Office noted that the TSA has set only a few guidelines for GA security. Coyne doesn't think it should be that big a priority, noting that the teenager who flew his plane into a skyscraper in Tampa, Fla., in January didn't do much damage. "I don't think people feel that GA is a significant threat," he said.

In addition to America's 429 commercial airports, thousands of smaller airports and landing strips are scattered across the country. Because of the small size of these facilities, the federal government hasn't done much to improve their security. But after the 9/11 terrorist attacks, even these small strips do seem to have a new sense of awareness about security.

Water Transportation

Cruise Ships and Ferries: B

Whether embarking from terminals in Hampton Roads, Va., Honolulu, Miami, or New Orleans, cruise ship passengers today are witnessing a level of security that would have been unthinkable before September 11. As their ships pull away from the docks, passengers have noted the comforting presence of Coast Guard escorts that enforce a 100-yard perimeter around cruise ships entering or leaving port. Since 9/11, the Coast Guard has escorted more than 6,000 vessels in and out of port. Cruise ships, ferries, and any other large ships that are identified as possible "high-risk" vessels under a classified threat matrix system are also boarded by armed Coast Guard sea marshals, who ensure that the ships are under authorized command-and-control. In the past year, sea marshals have escorted 2,000-plus vessels.

Any suspicious boats that might pose a risk to cruise ships or ferries are also far more likely to be boarded and investigated. Since 9/11, the Coast Guard has conducted more than 35,000 port security patrols and more than 3,500 air patrols, boarding more than 10,000 vessels in the process. In New York City harbor alone, the Coast Guard has boarded more than 2,000 vessels since September 11. If there's credible intelligence that a port or vessel is the target of a specific threat, the security presence will also likely include one of the Coast Guard's new Maritime Safety and Security Teams-rapidly deployable, waterborne SWAT teams with fast-response boats and heavy tactical weaponry.

The increased patrolling is part of the largest port security operation since World War II. The Coast Guard's waterborne measures are being matched dockside at many of the country's ports, some of which have taken advantage of $93.3 million in seaport security grants authorized last year by Congress. This year, the House and Senate also passed comprehensive maritime security bills, which are expected to be reconciled soon in a House-Senate conference.

Despite improvements, experts concede that with 361 ports and 25,000 miles of rivers and coastal waterways to protect, America remains vulnerable to waterborne terrorist attack. "After the 9/11 attacks, the government's primary effort was rightfully focused on the aviation sector, but now I think we as a nation need to take a very hard look at our ports," said Coast Guard Commandant Adm. Thomas Collins. "Our continuing concern is that the U.S. ports and waterways remain very vulnerable."

Cargo Containers: D

In any inventory of America's vulnerabilities, container traffic entering through U.S. ports is likely to top the list. The reason is a simple matter of volume. Fully 95 percent of international goods shipped to the United States enter through its seaports, and seaborne trade accounts for 25 percent of the U.S. gross domestic product. Of that cargo, 90 percent moves in the 40-foot-long metal cargo containers that can be seen stacked dozens of stories high at major ports throughout the world. More than 200 million such containers are now moving through the international trading network, constituting the most critical component in the global trading system.

If it was learned that terrorists were using a cargo container to smuggle a weapon of mass destruction into the United States, experts estimate that screening the roughly 6 million cargo containers in the country on that day could take up to six months. During that half-year, global commerce would all but grind to a halt.

The Customs Service can manually screen only 2 percent of the containers that enter the country, but officials have worked hard over the past year to improve the intelligence fed into a threat matrix system that identifies "high-risk" cargo for close inspection. The Customs Service has also deployed additional X-ray and gamma-ray inspection devices for more-rapid screening of containers, as well as nearly 4,000 radiation detectors that its front-line agents use to check for nuclear weapons and weapons-grade material.

By far the most ambitious plan to secure container traffic, however, is a new Customs Trade Partnership Against Terrorism program that seeks to establish a reliable "chain of custody" for all cargo. Such a system would include assurances that a container was packed in a secure environment; sealed so that its contents could not be tampered with while under way; and was transported under the control of a certified and responsible shipper.

Experts concede that effectively implementing such a system will likely take years and a new dynamic in global trade that weighs security on a par with efficiency. "In terms of awareness of the problem-and agreement on a holistic solution that doesn't naively call for the inspection of every container-I think we're light-years ahead of where we were before 9/11," said Stephen Flynn, a senior fellow at the Council on Foreign Relations. "In terms of tangible measures to solve this vulnerability, however, we haven't done much. I would thus give the government a D, but with every hope that we're working hard toward a better grade."

Land Transportation

Risk Assessment: C

Billions of dollars have been sunk into concrete, asphalt, and steel so that people can move freely within the United States, and nobody wants to impede that in the name of security. Yet transportation systems are an increasingly popular target for terrorists across the globe, and governments want to minimize vulnerabilities and maximize emergency response capabilities.

Current laws make the first task difficult: Federal and state disclosure and liability laws provide an inherent disincentive for government agencies to conduct thorough vulnerability assessments. "You don't want the results of the assessment to become public information," says Ron Diridon, the executive director of the Mineta Transportation Institute, a congressionally chartered research organization. "But information provided by consultants to those facilities is, under law, public information." Meanwhile, liability laws allow an agency to be sued if it fails to address everything identified in an assessment and somebody gets hurt. Both barriers can be worked around, Diridon notes, but solutions make it harder to share important information quickly.

Because American society is so open, experts say, it is almost impossible to fully protect transportation systems against terrorism. Rather, the key to improving security seems to be in improving the system's emergency responses. The important thing, Diridon stresses, is to make sure that any disaster response program is up-to-date and regularly practiced by all local responders: transportation, fire, police, and emergency medical services.

Transit: B

Transit agencies began buzzing about disaster preparedness after the 1995 chemical attack in Tokyo's subway, but they put their plans into high gear after September 11. The Federal Transit Administration made $50,000 grants available for emergency drills, and it has conducted vulnerability assessments for the country's 32 largest agencies. Most municipalities have taken simple steps, such as removing station lockers and trash bins, as well as increasing surveillance on buses and trains. Metro in Washington is piloting a new chemical-detection system at 12 stations, the first of its kind anywhere in the world.

In general, though, old-fashioned people-watching remains the best prevention tactic, says Paul Lennon, security chief of the Los Angeles Metro. "There's a heightened awareness within each of the transit agencies, from their front-line employees through top management, of their vulnerabilities, and what each and every person can contribute to enhance security."

The sheer number of people streaming in and out of any subway station during a typical morning or evening rush hour makes it impossible to conduct individual screenings of passengers and bags, Lennon says. "For a dollar, dollar-and-a-half ride, they're just not going to tolerate it," he adds.

Amtrak: C

Amtrak has started running quick background checks on all of its passengers and requiring a photo ID for everyone boarding a train, but the national rail service's budget woes mean there's not a lot of money for restructuring and upgrading existing security systems. Some Amtrak police officers are pulling 12-hour shifts to provide increased surveillance. New York Gov. George E. Pataki recently offered the state's National Guard to help out. Amtrak has tried to increase visual checks on the heavily traveled Northeast Corridor but, as was shown by the recent derailment of an Amtrak train in Maryland-which resulted from problems with the track and not from terrorist actions-there is a lot more track than there are eyes to watch it.

Roads: B

Getting on a train or a bus requires going through at least one checkpoint-the place where you buy your ticket. Getting on almost any highway, road, bridge, or tunnel simply requires foot power or turning a key. "Highways have always been considered invincible, and we hadn't worried about terrorists," says Tony Kane, director of engineering and technical services for the American Association of State Highway and Transportation Officials.

Today, concrete and steel seem a lot less invincible. State transportation departments have been running new vulnerability assessments during the past year. The country has about 600,000 transportation structures, from two-lane country bridges to the Golden Gate Bridge, and about 500 are considered significant. States are using various devices to protect these structures, from surveillance cameras to new supporting columns in tunnels. The states are also considering building protective structures around bridge piles to forestall a water attack.

In general, though, officials worry most about responding properly to a disaster. That, says Kane, depends on good communication, not roads. "A lot more emphasis has to be spent on the emergency response system," he says. The association estimates that the nation's highway systems need $4 billion to strengthen road and emergency communication, and another $2 billion on physical protection measures.

Energy

The nation's energy infrastructure, which the White House identified shortly after September 11 as dangerously vulnerable, has begun to adopt new safeguards. Companies have boosted security at nuclear power plants, oil refineries, and electricity-generating facilities. And President Bush has increased the oil supplies that the federal government holds in reserve, a move that could lessen the economic impact of an oil supply disruption in the Middle East.

But serious shortcomings remain. The nation's electric power grid and its oil and natural gas pipelines remain precariously vulnerable to attack, and some observers say that little can be done to protect them as they crisscross the nation. The Bush administration says that transferring nuclear waste to one central storage location will make the nuclear power industry safer, but putting that solution into action will taken another decade-and 9/11 has exacerbated safety concerns about transporting the waste over the nation's highways and rail lines. The U.S. energy sector is safer than it was when terrorists attacked New York City and the Pentagon, but significant additional improvements are needed.

Nuclear Power: B-

Within an hour after the 9/11 terrorist attacks, officials at the nation's 104 commercial nuclear power plants tightened security. Then, in February, the Nuclear Regulatory Commission ordered plant owners to beef up security even further. The commission's order, much of which was kept secret, required plants to increase patrols, widen security zones, and toughen security checks on visitors and employees-steps that industry officials say many firms have now taken. "The level of security at nuclear power plants is the highest it's ever been," said Mark Findlay, director of security at Nuclear Management, which provides security at several facilities.

The NRC has offered to provide states with potassium iodide tablets, which, if taken immediately by those exposed to a radiation release, can prevent thyroid cancer. In the event of such a disaster, the pills are to be made available to citizens living within 10 miles of the plants-although critics say the danger zone can extend 50 miles.

Nuclear-industry officials are touting a recent study indicating that a large commercial jetliner deliberately flown into a nuclear plant would not crack the reactor vessel or cause a radiation leak. But watchdog groups argue that a plane could do serious damage to a reactor's safety systems. Critics note that the study neglected to consider the impact of a shoulder-fired missile. Despite the industry's assurances, Congress is considering legislation that would force the commission to get tougher on nuclear facilities. Congressional critics object that the NRC allows companies to assume that an attack on their plants would be carried out by a few terrorists who are not heavily armed and not suicidal. "Since September 11, we have to assume that those assumptions are seriously wrong," said Rep. Edward J. Markey, D-Mass.

Nuclear Waste: D

The Bush administration boasts that nuclear power plants will be much safer after the Energy Department transfers 45,000 metric tons of radioactive waste from 104 commercial nuclear power plants and 14 closed facilities to an underground repository in Nevada's Yucca Mountain. Some 161 million Americans live within 75 miles of those power plants. Earlier this summer, Congress and the White House authorized the Yucca Mountain waste dump. Nevada state officials are continuing to fight that decision.

But the Nevada repository, which the Energy Department spent 20 years and $4 billion studying and beginning to build, won't open until 2010 at the earliest. And critics of the plan charge that moving the waste to Nevada would create serious new safety threats, because the material would be moved on rail lines and highways close to major cities. Only a few tests have been conducted on what could happen if terrorists attacked a nuclear-waste shipment, and the results of those tests are disputed. Opponents say the shipments would be vulnerable to accidents and terrorist attacks. "There are great questions about the government's ability to guarantee the security of transporting this material through communities and states across the country," Markey argued. Meanwhile, each year, the nation's nuclear power plants produce roughly 2,000 metric tons of new waste, which remains too radioactive to move off-site for five years. Nuclear power now produces 20 percent of the nation's electricity. As long as nuclear reactors continue to operate, a substantial amount of radioactive waste will have to be stored near them.

Markets and Strategic Supplies: B

Experts generally agree that the biggest threat of terrorism against the U.S. energy sector is not a violent attack on some facility but a coordinated sabotage effort that drives up energy prices and imperils the U.S. economy. Soon after the 9/11 attacks, the United States increased the "fill rate" of the Strategic Petroleum Reserve, the government-owned cache of crude oil that is stored in underground salt formations in the South. The reserve now holds about 600 million barrels. Europe and Japan together hold the same amount.

Energy economist and consultant Philip Verleger said that might sound like a lot but really isn't. "It represents about four months of imports from Saudi Arabia," he said. Verleger emphasized that there are many terrorism scenarios in which the reserve could prove inadequate. For example, an Iraqi attack might disable Saudi Arabia's oil production for far longer than four months. And if a U.S. attack on Iraq involved Israeli participation, that could easily trigger a broader Middle Eastern oil embargo.

The good news is that global oil production is much more diverse than it was during the oil crises of the 1970s. The bad news is that U.S. production has continued to lag behind demand and that conservation efforts were set back by the low prices and good times of the 1990s. However, U.S. oil production will never be able to sustain the American economy, so there is no substitute for a foreign policy that protects shipping and keeps Middle Eastern oil flowing to the United States.

Oil and Gas Pipelines: B

Early on, the Bush administration identified oil and natural gas pipelines as critical links in the nation's infrastructure that would be natural targets for a terrorist attack. Rather than seeking more regulation, the government has asked for industry input about how to improve safety and has been reviewing that information since last fall. Industry and government have earned good marks for getting this process moving and for working together. Yet the voluntary, decentralized nature of the process does not ensure that all pipeline operators will observe the highest standards. And the government has not yet issued its safety guidelines.

Two notable acts of sabotage have damaged the Trans-Alaska Pipeline System, which carries 1 million to 2 million barrels of crude oil every day from the state's North Slope to refineries in southern Alaska. In 1978, shortly after the pipeline opened, vandals used a small amount of conventional explosive to blow up a section of the line, causing a 700,000-barrel spill.

The pipeline's second-largest spill, in October 2001, seems laughably small by comparison. Only 6,800 barrels were lost. But in its way, it was even more disturbing than the first because it was caused by a lone gunman firing a single bullet through the double-walled steel of the pipeline. Daniel Carson Lewis, 37, was arrested, but it took 36 hours to stop the leak. Afterward, security experts, including former CIA Director James Woolsey, testified that the Alaska pipeline and others in remote locations are very vulnerable to terrorist sabotage, since patrolling the thousands of miles of petroleum pipelines that crisscross North America is impossible. In densely populated areas, most pipelines are underground, making them more difficult to attack.

Oil Refineries, Tank Farms: B-

U.S. oil refineries process huge volumes of volatile and toxic chemicals. Mishaps at refineries have caused some of the nation's worst industrial accidents, and these facilities would be a logical target for terrorists. Fortunately, oil refineries have faced the risks of accidents and sabotage before-and they generate enough profits to prompt their owners to invest in expensive safeguards. But the self-regulatory approach to safety that dominates federal oversight of the industry makes it impossible to assess the security of these thousands of facilities. Clearly, oil companies have taken some independent actions since September 11, but a comprehensive list of government recommendations is still being compiled.

Back when he was chief executive of Halliburton, Vice President Cheney headed up a cyber-security task force of the industry-sponsored National Petroleum Council. The task force found that cyber-technologies posed significant new risks for the oil industry and that an entire new level of security was needed to protect against them. Oil companies stepped up their pace in adopting these measures after 9/11, but it is not clear how extensive and intensive the changes have been. After the terrorist attacks, the Department of Transportation had to use the telephone to contact 1,000 oil and gas companies and those working with hazardous materials. Since then, the use of e-mail for communicating alerts from the Office of Homeland Security has increased, but the phone system still plays an important role.

Electric Utilities: C

Keeping the lights on in America means protecting against both physical attacks on the electric grid and cyber-attacks on the computers that operate the system. The physical grid, which includes everything from the high-voltage wires that stretch across the countryside to the electric substations crammed into cities, was not built with sabotage in mind. "We all have electric systems that we built in the sunshine, in a country built in the sunshine," said John M. Derrick Jr., CEO of Pepco Holdings, which supplies power to 1.8 million customers from New Jersey to Virginia. "Now all of a sudden, it's a concern."

A National Research Council report warned this June, "The most insidious and economically harmful attack would be one that exploits the vulnerabilities of an integrated electric power grid." To prevent such an attack, electric-industry officials say they have boosted surveillance and installed new physical barriers. Meanwhile, experts are improving ways to reroute electricity around an outage. Critics say the industry should also lessen the potential impact of an attack by taking the costly steps of expanding the nation's transmission system and maintaining backup emergency power plants.

On the brighter side, before the new millennium, the industry had made massive investments in protecting its computer equipment, in response to fears that software systems would fail when their internal calendars switched from 1999 to 2000. Now, the Energy Department's national laboratories are testing the cyber-security at some electric companies and are recommending further improvements. Nonetheless, Derrick said, computer hackers are sure to continue to try to break into the computer systems that run the nation's electric grid.

Infrastructure

Agriculture: C

This summer, seven states took part in a disaster drill to see what would have happened if a hypothetical Missouri farmer had accidentally brought foot-and-mouth disease in from Argentina on July 10. If the farmer had infected, and then sold, his bulls, animals in 28 states would have been exposed to the disease within 12 hours of the sale. Within 48 hours, the first reports of limping and drooling livestock would have trickled into state veterinarian offices. By July 21, only 11 days after the disease had hypothetically crossed the border, the Agriculture Department's foreign-disease laboratory on Plum Island, N.Y., would have confirmed the first outbreak of foot-and-mouth disease on American soil in 70 years.

If the scenario of the Missouri farmer had been real, most of the $90 billion American livestock industry would have been wiped out by now.

The drill, which was run by the Central States Animal Emergency Coordinating Council, with USDA emergency funds, showed just how easily chance or malice could devastate U.S. agriculture. Many security actions taken over the past year, such as strengthening border inspections and making it harder for strangers to wander onto farms, reduce the odds of an attack-but not by much.

Destroying a nation's farm industry is "technologically simple to execute and doesn't need to be successful to have a [significant] economic impact," according to bioterrorism expert Rocco Casagrande, who designs and tests detectors for biological warfare agents with Surface Logix, a private research company.

The key, Casagrande says, is in the country's procedures for handling and containing attacks. But the July drill showed that American protections are still haphazard. At the time of the drill, only one state, North Carolina, had procedures in place that called for notifying all other states the moment the state's veterinarian suspected a case of foot-and-mouth disease. In the exercise, some of the other states remained silent until it was too late to control the outbreak.

To be sure, some procedures have been improved since September 11. New labs coming on line are expanding the country's testing capacity, and the USDA has accelerated a plan to help protect ranchers against quarantine losses, thereby encouraging faster reporting of disease. But key steps, such as developing a shared communications network for use by the states and the USDA, and increasing the frequency of the USDA's training in identifying foreign diseases, have yet to be taken.

Food: B

Using food to kill people is very difficult, because processing your dinner through cooking, salting, or irradiating destroys most bacteria. Any critters that make it onto your plate might cause gastrointestinal unpleasantness, but they are unlikely to kill you.

The food industry has become much more vigilant about securing its ingredients and its machines from outsiders, and the number of USDA food inspectors has increased from last year.

Still, says David Siegrist, the director of the Potomac Institute's Studies for Countering Biological Terrorism, our food supply remains vulnerable. "A large fraction of U.S. fruits and vegetables come in from abroad," he says, "where not even the safeguards that we have here would apply." Furthermore, he points out, accidental contaminations, such as the one that triggered last month's ConAgra beef recall, prove that the U.S. system is still vulnerable to diseases. "If you're doing it inadvertently, then it stands to reason that if somebody intended to do it, they could."

Water: B

A violent extremist group known as The Covenant, the Sword, and the Arm of the Lord surrendered to the FBI in 1985, giving up 30 gallons of cyanide and a vague intention to poison a city's water while praying that only "those who were meant to die would be poisoned." If the extremists had succeeded in dumping the poison into a reservoir, some fish might have been hurt, but that's about it.

U.S. water supplies are difficult to attack directly. The stuff streaming out of your faucet comes from reservoirs, which are already large virulent cesspools, and tipping in a few more chemicals wouldn't have much impact. Reservoir water goes through extensive, and redundant, treatment processes before entering underground pipes for distribution. It's difficult, but not impossible, to introduce a contaminant after purification, but even then, it would be diluted by the sheer volume of water coursing through the pipes.

All U.S. water authorities have begun vulnerability assessments since September 11. The big plants will finish their assessments by December 2002, and the smaller plants should be finished by December 2003. In addition, most plants have significantly tightened security by ending tours, installing new alarms and gates, screening drivers, hiring more guards, and tightening access points and procedures. But these steps just address the obvious risks, says Milwaukee's water superintendent, Carrie Lewis. "The smart terrorists know all this now, and the water utilities are smarter than the dumb terrorists," she says.

In testimony before a House subcommittee last summer, U.S. Assistant Attorney General Michael Chertoff suggested that the risk of a cyber-attack opening a dam's floodgates was graver than the risk of a physical attack. He said that a juvenile hacker had broken into the computers controlling Arizona's Roosevelt Dam.

Jack Hoffbuhr, executive director of the American Water Works Association, says officials are trying to figure out the extent of the industry's electronic vulnerabilities now. "A lot of water utilities wouldn't be impacted, because they run internal loops," he says, "but other water utilities use systems that connect to other networks," and so could be accessed by a hacker.

The bottom line, says David Dobbins, a water expert at security consulting firm Black and Veatch, is that nobody has a good handle on how vulnerable the nation's water infrastructure is. "We don't have a history to gauge this on," he says.

Public Places

Protecting Against Suicide Bombers: D

Security measures in public places have been stepped up since September 11-including more uniformed security officers, tighter controls over ventilation systems, and new parking rules near sensitive buildings-but our public places remain extremely attractive targets for terrorists. Because Americans want openness as well as safety, almost no one recommends surrounding every shopping mall, sports arena, and office building with a cordon of metal detectors and bomb-sniffing devices.

Michael Swetnam, a terrorism expert at the Potomac Institute for Policy Studies, believes that overall, the country is less safe than before the terrorist attacks. "September 11 demonstrated to everyone in the world how easy it is to slip into a sports facility or an entertainment venue and cause us grave harm," he says.

If a flurry of individual, Palestinian-style suicide bombers struck the United States, America's public spaces could become exceedingly dangerous, analysts say. Experts such as Swetnam and former CIA Director James Woolsey don't foresee a wave of suicide bombings in the United States. Groups such as Al Qaeda have specialized in spectacular attacks on symbolic targets, preferring, it seems, to topple the Washington Monument and cause only a few casualties, than to incinerate hundreds of people in an anonymous movie theater.

Woolsey added that suicide bombings "require a subculture that encourages and trains people.... I think that would be very hard to do in this country."

Other experts, however, worry about the threat of suicide bombers sponsored by groups other than Al Qaeda. John Cohen of PSComm, a security consulting firm, notes that attacks on malls, restaurants, and other places where people gather could "injure or kill a large number of people, will make a statement critical of American consumer life, and cause widespread fear and disruption."

Cohen says that the state and local officials he works with are unimpressed by the federal government's efforts and have begun to set up their own information-sharing alliances. For personnel and budgetary reasons, many cities rely more on private security forces than on their police departments to protect major gathering places, said Frank Fairbanks, the city manager of Phoenix, Ariz. And Mortimer Downey, who served as deputy Transportation secretary under President Clinton, said, "There are no simple technologies for securing big public spaces."

Shopping Malls: C

Shopping malls have taken a number of steps to improve security, said Malachy Kavanagh, a spokesman for the International Council of Shopping Centers. Though the upgrades vary, uniformed patrols by both police and private security have generally increased, and barriers to stop car bombs have become more common. Mall owners have also installed more surveillance cameras, instituted more-restrictive parking rules, locked down ventilation systems and internal corridors, and required tenants to abide by stricter rules governing the delivery of goods and packages, Kavanagh said.

Yet shopping malls remain one of the softest targets imaginable for an industrious terrorist. A chemical or biological attack could spread quickly there. And while casualty rates from a single bomb might be low, preventing even one attack would be hard: The flow of pedestrians can never be monitored very closely; each mall includes many exits and entrances; and most visitors carry bags that could easily conceal an explosive device. And because virtually all Americans visit malls, the terror factor from a single attack would be multiplied greatly.

Skyscrapers: B

Owners of large buildings-who have already seen their properties targeted by terrorists on several occasions-have been among the most active in setting higher security standards. A survey conducted for the Building Owners and Managers Association International and the Urban Land Institute found that most owners of commercial buildings have added security cameras, increased security personnel, and either installed or more rigidly enforced card-access systems.

Interest in security within the industry has been high: An October conference call on security attracted 3,500 participants, said Ron Burton, BOMA's vice president of advocacy and research. The most common improvement has been a tighter leash on vendors, including requirements for background checks, identification, and check-in procedures.

Protecting skyscrapers isn't easy, however, because many have shopping malls or atriums, forcing security personnel to keep tabs on the general public, not just employees. Many big buildings also have underground parking garages, which carry the risk of car bombs. High-profile "trophy buildings" such as Chicago's Sears Tower pose special risks, but the 1995 Oklahoma City bombing proved that nondescript buildings can be targets, too.

In the wake of the collapse of the World Trade Center's twin towers, building-evacuation procedures are also getting a hard look. Historically in high-rise fires, the practice has been to evacuate one floor below the fire and four above it, to allow for an efficient evacuation. But now, building and fire officials are rethinking that standard. Studies by the National Institute of Standards and Technology and other organizations are under way, but it's too early to come up with answers, said Randy Bruegman, the president-elect of the International Association of Fire Chiefs.

Ultimately, much of the responsibility for protecting skyscrapers falls to those other than building owners, such as aviation security officials. "The only way to do it is to prevent the attack in the first place," Swetnam said.

Stadiums: B-

Measured purely by the scope of potential casualties, sport stadiums packed with people are seen as a prime target for terrorists. But other factors work against this logic. Psychologically, stadiums are more like airports than shopping malls for most Americans; because a trip to a stadium is a special event, most people feel it's worth putting up with extensive security checks. Another factor is that stadiums are designed to help a mass of patrons exit as quickly as possible. And short of a nuclear, biological, or chemical attack, stadiums are sufficiently sprawling that a conventional explosive might not kill many people.

Even so, sports leagues aren't taking the threat lightly. While specific upgrades have been left to local stadium authorities, the National Football League has put security near the top of its agenda, said Greg Aiello, the NFL's vice president for public relations. The league called in an outside consultant, Guardsmark, to assess every team's stadium security measures, and established a task force to establish and distribute best-practices guidelines on such matters as pat-downs of patrons, bans on coolers and large bags, uniformed security staffing, tighter controls on concessionaires and deliveries, and a closer lookout for possible intruders in the days before a game. In conjunction with Major League Baseball and the Division 1-A Athletic Directors Association, the NFL has been lobbying the Federal Aviation Administration to ban overflights by private planes.

Swetnam says the risk of a stadium attack is relatively low, but he describes current security measures as "hit-and-miss." He concluded, "Very large events like the Super Bowl are done very well, but routine events strike me as spotty at best."

Movie Theaters: F

In theory, movie theaters shouldn't be too hard to protect from conventional bombs: There's just one way to get inside a theater, and patrons would probably accept a metal-detector check if they began to fear for their safety. In practice, though, theaters appear to have done little to boost their safety level. Specifics are slim; the National Association of Theatre Owners referred all calls to member companies, and none of the companies returned reporters' calls. But outsiders say that the theater business muddles through with low profit margins and tight constraints on the timing of shows, making expensive changes and potential delays unpopular within the industry. And because there has been no terrorist incident in an American movie theater, the impetus for change-at least for now-is weak.

New York City Targets: B

Since taking over as New York City police commissioner in January, Ray Kelly has taken several steps to increase security in the Big Apple. He created a counter-terrorism bureau headed by retired Marine Corps Lt. Gen. Frank Libutti and named 35-year CIA veteran David Cohen to run the police intelligence unit. The department now has personnel proficient in more than 40 languages, including Pashto, Urdu, and Arabic. All uniformed officers must go through counter-terrorism training-lessons that are also offered to civilians. "Hercules" units-heavily armed officers riding in armored SUVs-roam throughout the city. Perhaps most important, the NYPD hired 2,500 recruits who are in training and slated to hit the streets by January 2003.

Michael Swetnam, who has been advising New York City officials, said the city has made significant strides. Still, he points out that, even more so than previously, New York's landmark buildings represent the symbolic heart of America. Moreover, between 1 percent and 2 percent of the city's population at any given time is made up of temporary residents from foreign countries. On the upside, Swetnam said, New York has taken the right approach to gauging the risks and acting on them. "The city has done a very good job-because it feels threatened," he said.

The Federal City

The Shadow Government: ?

A parallel government operates at two bunker locations in Virginia and Pennsylvania. The people there are tasked with managing the country's food, water, and energy supplies, as well as transportation needs, medical and health emergencies, communications networks, and civilian peacekeeping during any catastrophic incident that disables federal operations in Washington. Reconstructing the constitutional government after destruction or maiming of the capital would also be the task of the staff and officials assigned to the bunkers. "You have to have people there who really know the functions of government," explained one administration official.

The Bush administration has assigned 75 to 100 senior civil servants and some political appointees to staff the bunker locations on a rotation basis, pulling shifts of about 90 days, indefinitely. In general, the administration's continuity-of-government (COG) plans envision three phases: activation and relocation within 12 hours; operation of the alternative facilities after about 12 hours, until a threat to governance ends; and the reconstitution of government, followed by normal federal operations. As a result of the new emphasis being placed on COG operations, the Bush administration is making improvements to the facilities and their technology.

One Washington consultant who spoke with a Bush appointee while the official was tucked away doing his time in one of the secure locations said the administration contact described "a lot of people who looked like they had been there for 30 years and were so happy to have company!"

All funding for and operations of COG are considered classified. "Unfortunately, we're not commenting ... for reasons of national security," said FEMA spokeswoman Deborah Garrett. FEMA coordinates the COG, primarily through its National Preparedness Directorate.

During the Clinton administration, under FEMA's direction, the 1950s-vintage shadow-government bunkers were updated with computers, videoconferencing and improved telecommunications, new paint, and daybeds to replace sleeping cots, said former FEMA Director James Lee Witt in an interview. "It was like doom and gloom in there. We redid the entire thing," Witt said, recalling one of the bunker locations, which was equipped with manual Underwood typewriters. "We replaced the water," he added. "There was still the water [President] Johnson had put in there, bottled water in glass bottles from Mountain Valley water, from Hot Springs, Ark.... It was unreal."

White House, Pentagon, and CIA Headquarters: ?

In making federal facilities safer, say White House, Pentagon, and CIA officials, it's important not to discuss security. So they won't. "That's not something I can help you with," said Paul Nowack, a CIA spokesman.

At the White House, deputy press secretary Scott McClellan said, "If you see something, we might comment." Otherwise, mum's the word. In the aftermath of September 11, the vice president and the president did not work in the same place at the same time. The president's daily schedule was closely held. White House public tours were initially halted, then resumed for student groups and guests escorted by a member of Congress or congressional staff, but not for everyone else. Extra precautions were taken against anthrax or other contamination in mail or hand-delivered packages destined for the White House complex, which includes buildings other than the iconic residence itself. Secret Service agents and officers-on foot, on bikes, in cars, on roofs, around the president-are now not the least bit reluctant to be visible at all times.

White House staff members have improved emergency response procedures for themselves, and worked out destinations and communications should they be forced to evacuate their offices on foot again. The White House offices along the 17th Street side of the Eisenhower Executive Office Building have been vacated under recommendations of the Secret Service because of presumed vulnerability from the air; those employees must work in modern office quarters on 18th Street, a block away. All visitors to the White House complex now must be escorted from the point of the Secret Service check-in. No stragglers or wanderers are allowed.

At the Pentagon, a new, reinforced section of the building will soon be completed, replacing the area where the hijacked airplane crashed and burned. Admission of vehicles and people into the building is even more restricted than it once was, and Metrobuses arriving at the Pentagon subway hub must pick up and drop off passengers at a spot more distant. Security vehicles, with lights flashing, linger at I-395 turnoff lanes, to provide a visual deterrent. Military police officers are everywhere-checking bags, standing guard.

Monuments: B

Of the 385 sites managed by the National Park Service, only four have seen security appreciably upgraded since September 11, NPS officials report. The four are the Washington Monument, the Statue of Liberty, the Liberty Bell Pavilion in Philadelphia, and the Arch of St. Louis. "Essentially, we have airport security at those locations," says David Barna, chief of public affairs for the NPS. "Visitors go through the magnetometers, are subject to searches with handheld wands, that sort of thing."

At those four sites, as well as at all the downtown Washington monuments, the U.S. Park Police have also beefed up the presence of uniformed officers. All the downtown D.C. monuments, as well as the Smithsonian museums, are surrounded by the kind of concrete "Jersey" barriers that began showing up around the White House and other Washington sites after the deadly 1983 bombing of the U.S. Marine barracks in Lebanon. Following 9/11, they sprouted like flowers and are deployed along the Mall-in rings-to prevent a truck attack.

The unsightly barriers have become an aesthetic issue, so the National Capital Planning Commission has undertaken a swift study on how to incorporate security into the design of the monuments. The public comment period was set to end on September 9, but there is talk of extending it. The general impression, said one federal official who sat in on the meetings, is that the temporary measures being taken are "reasonably adequate" for security purposes, but utterly inadequate from the artistic standpoint.

Martha Droge, a landscape architect with the Baltimore firm of Ayers/Saint/Gross, gives high marks to the National Capital Planning Commission's long-term blueprint-and she may be uniquely qualified to judge. She was a special agent with the State Department's Diplomatic Security Bureau before making a career change. "That report is an excellent example of how a new design can incorporate security upgrades while still making a positive contribution to public space."

It won't come cheaply. The plan envisions the government spending up to $800 million in what it calls "a worst-case scenario." But only deeper study will determine whether that guesstimate is even close to correct. The commission expects to ask Congress for $32 million just do to this study.

"We can have both good urban design and good security, but now we have neither," said Richard L. Friedman, the Boston-based developer who chaired the task force that put together the blueprint.

Safety of Federal Employees: C

One of the painful lessons of September 11 is that if famous buildings become targets, so do the men and women who work in them. This is true of government buildings in Washington and around the nation. "Capitol buildings are symbols of government, and the people who inhabit them are symbols, too," says Tony Beard, chief sergeant at arms for the California state Senate. In Sacramento, the Legislature is spending $4 million to $5 million to make the state Capitol more secure after a suicidal ex-convict with a history of mental problems rammed his rig into the edifice at 45 miles an hour.

Here in Washington, unfettered access to government buildings is all but a remnant of another time-even in buildings designed to be tourist-friendly. The Old Post Office on Pennsylvania Avenue, for instance, was refurbished as a shopping mall and reopened amid fanfare during the Reagan administration. Today, entry to that building is so restricted that tourists are becoming scarce. "It's gotten quite tight, so much so that it's become quite difficult for the merchants to operate," says Martha Catlin, program analyst for the Advisory Council on Historic Preservation, which is housed there.

Officials of federal employees unions say that they appreciate the upgraded security but cite a few caveats. One is that there doesn't appear to be much uniformity. "I travel a good deal, and some federal buildings I just walk right in, while in others they won't let me past the front desk without being escorted," says Colleen Kelley, national president of the National Treasury Employees Union.

Another caveat, as always, is money. "More thought and attention is being paid to making federal workers safe than ever before, but in some cases the problem is going to be funding," Kelley says. "Hopefully, the focus will stay on this without it taking another tragedy."

Capitol Hill: B

Take one walk across Capitol Hill and you can clearly see that new security measures have been put in place since September 11-funded by $613 million provided in fiscal 2002 emergency spending bills. Vehicles no longer can drive on streets around Hill office buildings, and most truck traffic has been barred from the area. The Capitol plaza is a mess, with new blockades in place and construction beginning on the new Capitol Visitor Center. While the center had been planned before 9/11, it gained new urgency after the attacks; Congress decided to provide additional federal funds for the project, rather than relying on a private fundraising effort. The visitor center, which will allow the Capitol Police to funnel all visitors though a three-story underground facility, is scheduled to be completed in 2005-at a cost of as much as $300 million.

Until then, temporary buildings have been constructed on the House and Senate sides for receiving visitors. New restrictions have been placed on visitors. Tourists can no longer wander unescorted through much of the Capitol, but must be escorted on guided tours. Gas masks are being distributed to members and staff, and as a result of the anthrax letters sent to the Hill last year, all mail is being irradiated-causing delays in mail distribution. Capitol Police have been directed to examine staff and press credentials more closely when people enter buildings, although based on anecdotal evidence, those inspections vary in thoroughness.

D.C. Evacuation Plans: D

The District has an evacuation plan in place, although few people know it. The city has not yet publicized it-even though people attempting to leave the District on September 11 ran into huge traffic jams, and it was never clear which mass transit services were still operating. The District's Internet site states that 14 "corridors" have been identified to funnel traffic out of the city to the Beltway and beyond. During emergencies, traffic lights on those roads will be retimed, and police will be stationed at some 70 intersections.

While signs have been placed along the evacuation routes, the plan has not yet been publicized, according to a spokesman for the District's transportation department. Officials want to ensure that all area governments are aware of the plan before it is publicized in a brochure, which will be distributed throughout the area. "It just takes time," the spokesman said, adding that District officials will attempt to ensure that all residents and workers are informed of the evacuation plan within the next few months.

Mass transit also will play a large role in any evacuation, although again, final plans have not yet been adopted. Transportation officials must ensure that all area transit services can be coordinated, so that commuters do not find themselves stranded. For instance, officials must ensure that bus service is available for commuters at the end of each Metrorail route. Discussions among the various transit services are continuing, a District official said, conceding that plans are not 100 percent in place yet.

Business and Industry

American business gets a grade of C, based on the potent and largely unmet threat of a catastrophic attack on the facilities of the U.S. chemical industry, and the increasingly complex problems of cyber-security. The banking industry does a little better, probably because of the federal government's efforts soon after September 11 to plug holes that had allowed the financing of Al Qaeda's global terror network.

Business Cyber-Security: C

Opinion is split on the question of whether U.S. businesses are better prepared to deal with widespread hacker attacks now than they were a year ago. In a survey of 602 professionals in the information-technology business, 52 percent said that corporate defenses have improved a little, while 36 percent said little has changed. Five percent said defenses are much better, and 4 percent said they were worse, according to the survey, released July 24 by the Business Software Alliance, a trade association of software companies, including Microsoft. "We are not devoting the kind of resources" that are needed, said Robert Holleyman, BSA's president.

But other Washington-based experts say that senior business leaders are now paying much greater attention to the terrorist-hacker problem, and that results will be seen over the next few years. "They are looking at it in a much more global way than before," said Robert McNamara, a partner at Manatt Jones Global Strategies, an international consulting group. Under pressure from administration officials, corporate leaders have set in motion a number of efforts that will take years to generate results-top-level auditing of security threats, new software to weigh security vulnerabilities, tougher pressure on subcontractors to bolster their own information security-but business has not yet achieved obvious improvements in anti-hacker defenses, nor significantly increased spending on security. Congress may soon give industry more leeway to cooperate with law enforcement officials, by allowing the government to keep some sensitive or embarrassing corporate information secret. An effective national cyber-defense network will grow from companies' individual actions "as soon as three to five years" from now, if nothing distracts senior managers, predicted Charles Le Grand, director of technology practices for the Institute of Internal Auditors, based in Altamonte Springs, Fla.

Banking and Finance Cyber-Security: B-

The 9/11 atrocity shifted banks' focus from individual self-defense against high-tech thieves to a more ambitious communal defense against malicious terrorists intent on destroying the banking infrastructure and the public's faith in the financial system.

"It made us think differently about security," said Catherine Allen, chief executive officer of BITS, or the Banking Industry Technology Secretariat, which is the financial industry's nonprofit clearinghouse for information-security practices and technology. "It made us realize how interdependent we are on other industries, like telecommunications." Since then, she said, "the industry has looked at how it can work together with other critical industries ... on a global basis." BITS is funded by major U.S. banks, insurance companies, and securities firms, as well as by major overseas financial companies.

This is a major shift for the finance industry, and the consequences will emerge only slowly. For example, banks are changing their standard contracts to require that subcontractors-telecommunications companies and power companies, for example-have backup facilities and use anti-hacker software. The banks are also automatically and anonymously sharing data about computer-security problems with their information security and analysis center, operated by an outside contractor. This arrangement-which was facilitated by a provision in the 2001 USA-PATRIOT anti-terror law-gives banks some ability to quickly detect widespread, surreptitious hacking.

Chemical Industry: D

The Environmental Protection Agency has identified 123 chemical plants that, if hit by a serious explosion, could each harm at least a million people. In addition, more than 5,000 facilities across the nation each store more than 100,000 pounds of chemicals that EPA ranks as extremely dangerous, including chlorine, hydrochloric acid, and ammonia. A June National Research Council report described toxic chemicals as "weapons of choice for terrorist attacks."

But in the months since September 11, the Bush administration has not imposed any new security measures on the companies that make, use, store, or transport hazardous chemicals, or on the businesses that handle hazardous waste. Instead, federal regulators have allowed the chemical industry to develop its own safety program. Immediately following 9/11, chemical companies temporarily stopped transporting hazardous chemicals. Since then, many firms say they have tightened security and lowered the volume of hazardous chemicals they store on site. In addition, the American Chemistry Council, which represents 180 of the nation's largest chemical manufacturers, recently adopted a plan requiring its members to boost the security at their most vulnerable facilities by 2003.

Environmental activists argue that the industry actions do not go far enough to protect the public from potential terrorist attacks. They charge that the ACC's plan fails to encourage the use of safer chemicals and applies to only a small fraction of the companies that make, use, or transport hazardous substances.

In July, a Senate committee agreed that tougher government action is needed. The Environment and Public Works Committee unanimously backed legislation that would require the administration to assess the vulnerabilities of the plants that house the most-dangerous chemicals and to push businesses to adopt safer technologies that use lower levels of hazardous chemicals. Proponents want to add the measure to the Homeland Security Department bill. The American Chemistry Council, however, contends that government mandates would actually slow down its efforts to improve security at plants that are most susceptible to terrorist attack.

Telecommunications: C

The telecommunications industry has worked with the federal government for decades to shield the phone networks from physical attacks, mostly by increasing the number and geographic distribution of phone exchanges. Redundancy paid off on 9/11, when the new cell phone networks allowed many people to communicate in New York City despite the damage to the telephone systems. But the new cyber-threat comes from terrorist hackers determined to infiltrate and wreck the computers that control the nation's varied telecommunications networks.

In the early 1990s, the companies' new computer exchanges were repeatedly attacked by hackers for amusement. The resulting publicity, and the parallel pressure from Pentagon officials worried about large-scale hacker attacks, pushed industry officials to increase the security of their systems. In 2000, a joint government-industry data-sharing center was established in Arlington, Va. Since 9/11, according to industry officials, the center has greatly increased information-sharing about possible hacker threats among its telecommunications companies, and with other industrial sectors, such as the information-technology firms. This cooperation is aided by the National Security Telecommunications Advisory Committee, established in 1984. The membership now includes top executives from telecommunications, computer, and Internet companies.

But deregulation and the Internet's boom and bust have put these companies under great economic pressure, reducing their capability to invest in security. Widespread investment is required, say experts, because terrorist hackers might be able to use small security gaps to wreck critical computer systems that control vital services, including telecommunications networks.

Mail Safety

U.S. Postal Service: B-

Bill Lewis, president of the American Postal Workers Union local in Trenton, N.J., doesn't hesitate when asked whether he feels safer today than during last fall's anthrax attacks. If someone were to send an anthrax-tainted letter through the mail today, Lewis says, "we would have some dead people."

Last fall, four letters laced with anthrax were sent from the Trenton processing facility to New York City and Washington. Four New Jersey postal workers survived after contracting anthrax, but two Washington colleagues died.

In the aftermath of the attacks, the Postal Service bought for its employees 4 million facemasks that are able to filter out 95 percent of microbes in the air and 86 million pairs of gloves. It also spent $245 million on vacuums and filters, and it is planning to install sensors to detect biological agents within 18 months. But these safeguards are aimed at hand-mailed letters, not the 150 billion pieces of bulk mail processed every year.

Thus far, Congress has appropriated more than $750 million to boost mail safety, but the Postal Service has asked for an additional $800 million for fiscal 2003 and $5 billion over several years to deal with new safety concerns.

Meanwhile, the Postal Service is working to implement new safety procedures and equipment. Eight irradiation machines that cost a total of $40 million are being used to zap mail in Washington ZIP codes beginning with the numbers 202, 203, 204, and 205. Postal employees are using vacuums to clean mail-processing machines, but they still rely on air blowers for hard-to-reach areas.

Safety seminars urge postal workers to use gloves and masks. Few do, however, because the gear is uncomfortable, Lewis says. Individual pieces of mail receive no additional scrutiny beyond what was done before the anthrax attacks, he says.

The Postal Service videotapes transactions at some of its retail facilities and is testing new technologies that may be able to detect biological agents in the mail. In an effort to deter bombings, it has removed thousands of mailboxes near airports, military installations, schools, and other public facilities.

Private Package Shippers: D

Representatives of both the United Parcel Service and FedEx-the two largest private parcel carriers-said they would not reveal new steps taken to improve mail safety for fear of endangering their employees. "The problem is that if you discuss the specifics of what you are doing, you make those counterproductive," said UPS spokesman Bob Godlewski.

But parcel shippers and some employees say that little has been done. Last November, for example, the FedEx Pilots Association asked company management to take a number of actions: to test aircraft filtration systems for spores; to create emergency response mechanisms for infected employees; to bag and seal U.S. Postal Service mail that FedEx planes carry; to make anthrax vaccinations available to Federal Express personnel on a voluntary basis; and to acquire machinery to irradiate mail. In response, FedEx "basically did nothing," said union spokesman Kevin Scheiterlein.

FedEx has trained some employees as "dangerous-goods" specialists, and it requires that one be present at every mail-processing facility, employees say. And FedEx says it is providing extra scrutiny for packages from shippers unknown to the company. Regular clients receive less scrutiny, the company says, because their packages can be easily traced.

But last fall, dozens of FedEx packages filled with white powder reached Planned Parenthood facilities around the country, although the powder turned out to be not hazardous. In January, FedEx delivered radioactive material from Paris to a company in New Orleans. The 300-pound package was not monitored for radiation, and two employees were exposed. But in May, FedEx employees in Columbus, Ohio, discovered a package leaking white powder, and alerted authorities.

A spokesman for the Teamsters union, which represents United Parcel Service employees, said the union was satisfied with steps taken by UPS management, although he declined to elaborate. In the past year, UPS has not faced any public controversy surrounding its mailings, unlike the mixed record at FedEx.

Last fall, UPS did begin allowing its drivers and handlers to pull any suspicious package for examination by employees trained in handling hazardous materials. Previously, only packages that were leaking or showed other indications of containing hazardous materials could be pulled.

Mark Murray, James Kitfield, Corine Hegland, Margaret Kriz, John Maggs, Louis Jacobson, David Baumann, Carl M. Cannon, Alexis Simendinger, Neil Munro, Shawn Zeller National Journal
Need A Reprint Of This Article?
National Journal Group offers both print and electronic reprint services, as well as permissions for academic use, photocopying and republication. Click here to order, or call us at 202-266-7230.

2 of 10 results     Previous Story  | Next Story  | Back to Results List