Like water, terrorists gravitate to the venue of least resistance; the softer the target, the higher opportunity for maximum casualties. So it is no surprise that busy transportation hubs like international airports are in the constant crosshairs of international terror groups.
The list of major airport attacks around the world since 2016 is frightening. More than 230 fatalities and hundreds more wounded demonstrate the ferocity of airport terrorism.
- March 2016: In Brussels, Belgium, 32 people were killed and hundreds wounded in suicide bomb attacks at the Brussels airport. Two suicide bombers blew themselves up in the airport's departure hall during a peak travel period, and an hour later, a bomb was ignited in a train at a busy metro station, killing 16 more people. The Islamic State claimed responsibility for the attacks.
- June 2016: Gunmen arrived at Istanbul’s Ataturk airport and started firing at the terminal entrance before blowing themselves up when police responded. The attackers, who killed 41 people and injured more than 230, were linked to Islamic State in Syria.
- June 2017: Amor Ftouhi, a citizen of Canada and Tunisia, was seen loitering in the baggage area of Flint's Bishop International Airport before he yelled "Allahu akbar" -- "God is the greatest" in Arabic -- and pulled a roughly 12-inch knife with an 8-inch serrated blade and stabbed police Lt. Jeff Neville in the neck. DHS believes Ftouhi was self-radicalized and classified the attack on Neville as a terrorist act. Neville survived
- March 2017: A 39-year-old terrorist, who was already on the radar of law enforcement, was killed at Paris’ Orly airport after the attacker assaulted three Air Force soldiers patrolling the airport. Officials said the soldier who was attacked managed to hold on to her rifle and the two soldiers she was with opened fire to protect her and the public. Soldiers fired eight rounds in all at the attacker. No one else in the busy terminal was hurt. The alleged attacker said that he was there "to die for Allah" and dropped a bag on the floor containing a can of gasoline, according to prosecutors.
Putting Technology to Work
The dilemma for airports around the world is how do we make our facilities less inviting to attack? Can technology help harden these soft targets and at the same time provide useful information that can act as a preventative and not simply a deterrent? While no technology is foolproof and certainly must be coordinated with boots on the ground and solid security policy, companies like Quantum and Ipsotek are providing solutions to aid in the battle against terrorism.
Both companies have integrated their technologies for a solution that can detect, report and engage incidents at airports and other transportation centers. Working in tandem with the facility’s IP-networked video surveillance systems, Quantum’s cloud-based data storage arrays combined with Ipsotek’s advanced data analytics create a comprehensive information-sharing and forensics solution that mitigates threats and helps assess risk.
“There is a better understanding of the role video storage is playing in that it is no longer viewed as a peripheral and the last item selected in system design, to where people are realizing it plays a lot more important role. One of the things we see in system design is there is the selection of the cameras, the VMS, and the analytics software and suddenly the realization hits that we have created all this data so we better figure out where to put it. That is where the tradeoffs begin,” contends Wayne Arvidson, Vice President for Intelligence, Surveillance & Security Solutions at Quantum, who along with partner Ipsotek will be showcasing their solutions in Dallas at the ASIS International Security Conference. “Just recently we were talking to a customer who was telling us that he had knocked his framerate down to less than 15 frames per seconds, his retention time to about 10 percent of what he’d actually liked it to be; but he was forced to make those tradeoffs based on the cost of storing and managing the data.”
Quantum will be unveiling a major new release of its award-winning StorNext scale-out file system. According to Arvidson, the Xcellis workflow storage solutions, powered by StorNext 6, are a key component in Quantum's multitier storage portfolio, delivering the performance, accessibility, and value required for managing video surveillance data.
Arvidson says there are three things that his team tries to stress when educating end-users and integrators about storage technology and infrastructure.
“First, it must meet the performance requirements, meaning that it has to be able to ingest high definition video in real time without dropping frames. That’s why solutions designed for video systems are so important. IT systems are oriented for doing a lot of reads for multiple clients, but video systems like ours are designed to be able to ingest as many high-definition streams as possible,” he explains. “Second, we are now in an IP-based world so everything is sitting on a network. With the proper type of storage network, you are able to move the data management and data movement off the main ingest network so you are not in danger of dropping data as it is captured from the cameras.”
Doing all this with a file system that Quantum calls StorNext, which he says sits below the application layer and just presents itself as a single drive letter to the application. This allows the system to use Quantum’s different storage technologies as a single volume.
“High-performance disc is expensive. So what we do is size these high-performance discs to meet the ingest requirements and then we either size our object-based storage or our file-based tape or even cloud for that matter. We size this to meet the retention requirements, so the customer winds up with the size-pool storage requirements they need and it is done much more cost-effectively. The tiered solution offers the customer as much as 40 percent cost-saving per terabyte than what is currently out there on a disc-based solution. You will meet the performance requirements, but you will also be able to extend the retention time.”
The third key element to the overall functionality of this storage option is its accessibility. Arvidson feels this may be the most crucial since you are creating a single drive letter with a centralized pool of stored data. This allows the security operators to work within the timelines. They don’t have to worry that something has been archived and waste time trying to track that data down or rely on the IT department to retrieve it for them.
“This centralized storage pool also provides data protection. The way we architect our solution is that as you are ingesting data you are writing a second copy to the long-term retention tier. Let's say we wanted to keep 30 days of data on the ingest system, on day 31 we just start to make those blocks available again so we can begin recording again. Meanwhile, my previous data has been backed up and protected in the retention portion of the system and I don’t have to move an entire day’s worth of data across the network and archive it like you’d traditionally have to do,” adds Arvidson. “From an accessibility perspective, we have multiple agencies working with this data. If you look at a typical airport you’ve got TSA, Customs and Border Protection, Port Authority and local police that all want access to this data depending on specific incidents. So creating this centralized approach as opposed to all these islands of storage that are local to the individual cameras is where the industry is moving.”
It Is All About the Data
For Bill Flind, Chief Executive for Ipsotek, a London-based company and leader in scenario-based video analytics and a solutions provider for a wide range of applications in both the commercial and public sectors; it is all about being a proactive partner with his clients – many of which are major international airports.
He cited a recent project with an international airport outside the United States that has a deployment of a large facial recognition system. It is using dedicated facial recognition cameras in a system where the cameras are positioned at various pinch points in areas within the airport where there is good lighting and people have to present themselves face on – places like doorways, passport control and security area. He says this design that employs more than 300 cameras, even in such a large environment, can still capture close to 90 percent of all those who are passing through the airport which allows for a very high hit rate for gathering this data.
“Video analytics are also deployed throughout the airport in various other camera arrays. The crucial point where the storage comes in is that we are collecting that facial data constantly and comparing it in real time against a watch list including bad people, criminals and known terrorists. We also do reverse verification on our own security people so we can track that they are where they need to be and aren’t where they shouldn’t. So all this is happening in real time,” Flind points out. “But where this ties in with storage is the fact we are keeping all the facial images we capture, not just the ones we’re not recognizing at that point. These would be new faces to us, and that data is essentially being stored as metadata in the system, but it is being synchronized to the actual video itself. That general data is kept as long as the client wants.”
Flind explains that the airport security team is keeping all this metadata because it serves a very real purpose. In case of an incident at the airport security administrators can select new persons of interest from that stored facial data.
“They are now keeping an eye out for a new person that they didn’t know last week. You can take that image and present it to the system and forensically search back to see if there have been any instances where that person may have appeared in your facility during any designated time period. The anti-terrorism angle is that it is generally believed that attacks just don’t happen out of the blue by people who have never visited the facility before. It is much more likely they have been reconnoitering the facility beforehand,“ says Flind.
Staying Ahead of the Threat
Arvidson and Flind both agree that the integration of storage and analytics has created a paradigm shift in the way organizations mitigate risk.
“You want to move from prosecution to prevention. What’s occurred in the past is a lot of decisions were made based on cost, and the cost of retaining data made it prohibitive. Most facilities couldn’t afford to retain data for a year or more, so they would have to make a tradeoff on the number of cameras, the resolution of the cameras or their recording array – things like that,” says Flind. “If they did try to archive, generally what they would try to do is called ‘grooming the data’. Basically, they were making assumptions like not having to use the video again so they would de-res it, therefore, losing the quality forever.”
The two technology partners say “it’s all about getting left of the boom”. They lament that most CCTV investigation and analysis takes place after the bad thing has occurred, so getting ahead of a bad situation and giving people access to data and information in advance of those bad things happening to provide security personnel a chance to mitigate the threats.
Steve Lasky is a 30-year veteran of the security industry and the Editorial Director for the Southcomm Security Media Group, which includes SecurityInfoWatch.com, Security Dealer & Integrator (SD&I) magazine and Security Technology Executivemagazine. Reach him at [email protected].