PSIM Ambulance Chasing in Brussels

By John Honovich, Published Mar 03, 2013, 07:00pm EST (Info+)

Desperate, shady PSIM marketing tactics continue. Last month, $50 million of diamonds were stolen from the Brussels airport. Now, a PSIM marketing manager tries to capitalize on that to sell his products. Unfortunately, their case for PSIM is incredibly weak ignoring obviously more valuable fundamental countermeasures.

The Heist

**** *** ** *********, ********* ***** job, ****** ****** ** ****** ***********. See **** * ****** ***** ********* it:

Vendor's ***************

****'* ********* *******'*******'*********** ********':

"*** ***** ** **** *** ** the ********** *********** *** *** ******* the ********** ********* ** ******** ** the ******* ***** **** ***** *** of *** **** ***** *** ***** pumped *** ********* **** *********** ********."

*** ****** ** ****! ***? ** explains:

"[****] ***** **** ** ***** ** ** the ********, *** *****, **********, ****** the *********, *** *******, ******* *** warehouse *********, *** ** **** ******** the **** **** ****-**-**** ******** ** to *** ** ******* ** ***** incident ** ********** **** ***-********** ****-******** and ** ********** **** ******** ***********."

****'* **. *****'* ** **** **** how * **** ***** ******** ***** or ****** * ***********, ********* *****, machine *** ********, ****** *********** ****** adversary.

The *******

**'* ********* ******** **** *** ******** security ******** ****** ***** **** *** material ****** ** ******** *** ******* incident.

** *** ********, ***** *** *** clear **** ** ****** ****:

  • ********** ******** / **********: *** ******** fences *** ********* ** ****** ** the *********. * ************ ********* ***** make ** *** **** *********, ** not **********, *** ******** ** ***** inside *** *******.
  • **** ******* ***** ** ***********: ***** are **** ****** *** ********** ******** that ***** ******* ******** ******* ***** leaked ** *********** - **** *** time ** *** ******, *** ******** of *** ********, ***. 

**** *********** **** **** ******** *********** and *** *** **** **** **** physical **********, ** ******* ****** ********** for *** ******** ****** ** **** a ******* ** ******* *** ********* in **** *******.

Comments (22)

I LOL'd at the "ambulance chasing" reference :)

"Once adversaries have such critical information and are met with near zero physical resistance, it becomes nearly impossible for any computer system to stop a caravan of machine gun intruders in mere minutes."

Not this computer:

In fairness, Robocop is actually less expensive than a PSIM system :)

I wonder if they did any Red Team penetration testing?

The huge assumption made was that the $50M parcel was 'protected' by simply being inside the airport perimeter. Good red teams should expose this...

While it's fairly obvious that someone can ram through an airport fence, the big question is whether that is a threat that should actually be defended against. How often do such attacks happen?

Ramming through airport fences to rob airplanes is about as likely as a shoe bomber. You can make a case about defending against both but the value is certainly debatable.

I still have to take off my shoes when I fly :) ...but I agree that you can't protect from everything.

What SOP do you think they will change to avoid this kind of thing in the future?

while it was clearly an inside job (as noted above) the fact remains that a sack of diamonds worth $50M sat unprotected.

It's unfair to call it unprotected. There were lots of protections in place. That's why the attackers had to smash through a fence and hold up the plane with machine guns rather than walk up to the security guards and pickpocket them as they were walking down the street.

You can't protect aginst every scenario unless you want no freedom and are willing to pay absurd prices. The question, of course, remains whether this threat should be defended against.

Lots of SOPs are created only after someone figures out how to defeat incumbent SOPs... hence, I'm still taking off my shoes at airports in the U.S. I'm not sayng they are effective, just that they will most assuredly come...

Point being, this airport will most definitely be putting 'something' in place as a new SOP to try and 'stop' this from happening again at their joint (most likely ignoring the statistical chances of this same thing actually happening).

The most obvious and simple to implement is to have high-dollar items escorted on planes - it deflects (and maybe as you point out, rightly so) the responsibility to the package owner. Count on the insurance company that is paying this claim to mandate it.

The SOP can be: put guys with guns next to high value packages because if other guys with guns come you can respond / defend.

Implementing that in your PSIM is unlikely to make any difference because if someone can get in and out in minutes, the good guys with guns need to already be there.

I think before any product/solution can be introduced/incorporated...A risk assesment should be done. Without a true risk have no idea what the problem is. NICE let their marketing department spew information, without doing a risk assesment, for a shot at an opportunity or publicity that makes them look like an expert. It is also unfair for all of us to judge if a PSIM would have worked, or not, without doing a proper risk assesment. It is easy to be a Monday Morning Quarterback:)

Remember when that guy walked into the JFK runway area? Many people jumped with expert oppinions with that as soon as it happend. The reality of what happend to that was an operator just got tired of all the alarms and he turned the setting off on their PSIM.

Jeremiah, I had not heard this: "The reality of what happened to that was an operator just got tired of all the alarms and he turned the setting off on their PSIM."

However, if it is true, that is deeply concerning because it implies that their detection systems (analytics/radar, etc.) was not working properly.

Jeremiah, I am aware of the story but that article does not talk about what caused it, i.e., there's not mention of tuning 'the setting off on their PSIM.'

I don't know if Raytheon would refer to their Clearview C2 software as a PSIM, although I'll bet it might even cost more! They are proposing same software for border protection under the IFT program.

Luckily there are not so many jetskiers on the Arizone border....

We discussed this on another thread at length. I also have not heard this quote, so it's still unclear whether the sensors failed to detect, the software failed to alarm, or if the operators just ignored an alarm as often happens in a system with excessive alarms, false or otherwise.

Marc, that's funny, "Luckily there are not so many jetskiers on the Arizone border...."

Thanks for the link. I'll ask Carlton to track that program and request RFP and contracting documents / updates.

A lot of times a big part of the mechanism protecting an asset is the lack of knowledge that it exists. That is why our governments have state secrets and we install hidden safes in our homes. A large portion of the diamonds traded in the world is transported on plain bags by plain unarmed folks. The security of those diamonds rests on the fact that nobody other than the carriers knows they are there.

At the end of the day, if it is known that a 50 million item is being transported, there always be someone willing to take it. The question is how many people that person is willing to kill or hurt in the process. After all, armored trucks get hit every day worldwide for a lot less money. Unless you are willing to have a portable Fort Knox, if a bad guy knows, you’ll probably be hit.

I agree with John, you cannot protect against every scenario and since this is not an everyday situation, it does not make sense for an airport to spend exorbitant amounts of money to protect against it. There is a balance between security, reasonable mobility of people and goods thru an airport and budget.

Instead, maybe the carrier should have taken more precautions like having a security force in place to defend the asset and/or use private transport opposed to scheduled airlines.

Mario: we used to call that "security by obscurity" :)

BTW, seems to me that protecting against a truck smashing through the fence shouldn't be a difficult thing - what's the cost to erect a line of Jersey barriers along any sections of the fenceline that would be accessible by a vehicle? Job could probably be done in a couple days, probably at well under $100,000.

Matt, but can jersey barriers automate SOPs? I don't think so :)

Barriers, though, are the obvious choice if one wants to stop vehicles busting through the perimeter.

Btw, while 'security by obscurity' routinely gets criticized in the industry, as Mario points out, it is commonly used and often useful, especially relative to the costs of building out full infrastructure to defend. Obviously, if the information leaks, there's goes both obscurity and security.

I was thinking as I posted that, given the relative cost, it's amazing the airport didn't already have such barriers in place... for even something like a "Hercules fence":

Then I got thinking about it... and I don't know that I've EVER seen such measures on an airport's fenceline, even in places where it would be easy to drive a lowered car right up to the fence.

Guess that tells you how often someone driving through the fences really happens... like, almost NEVER.

John, that RFP and surrounding documents were sensitive so it's unlikely you'll be able to get anything further. Also it was a design build performance spec so it still would not tell you about what was deployed.

Matt, a number of airports in the USA have had intrusions through the perimteter, either by driving through a gate (solved with pop-up barriers of various ratings) or through the fence. I know of at least 3 or 4 sites myself that have deployed the jersey barrier base with chain link fence on top, although the ones I know were full 8' fence on top of the barrier, and then 3 strands of barbed wire- except were FAA limits the heights of all objects in specific zones.

In the USA it's been my experience that there's not much deployment of security on the 5-30 perimeter fence, but lots at the TSA checkpoints. Like having a guarded vault door in the front, but a swinging screen door in the back. And of course, thousands of people with access to secure areas who have been screened for past criminal record but not much else. Don't get me started- sorry, too late!

Thanks, Marc. I will admit, I haven't been through a lot of airports, and rarely have I looked at the fences. I have several times over the years visited the viewing areas at the east end of YVR's runways and seen nothing except the fence. In fact, there are driveways with gates in both sections of fence and I often pondered how easy it would be to simply drive out onto the field...

I grabbed a couple GMaps shots from YVR's northern runway:

Funny, I don't remember the yellow barricade being there last time I was out... but it's been a couple years.

[Editor's note: links broken]

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports