PSIM Ambulance Chasing in Brussels

Author: John Honovich, Published on Mar 03, 2013

Desperate, shady PSIM marketing tactics continue. Last month, $50 million of diamonds were stolen from the Brussels airport. Now, a PSIM marketing manager tries to capitalize on that to sell his products. Unfortunately, their case for PSIM is incredibly weak ignoring obviously more valuable fundamental countermeasures.

The Heist

**** *** ** *********, ********* ***** ***, ****** ****** ** inside ***********. *** **** * ****** ***** ********* **:

Vendor's ***************

****'* ********* *******'*******'*********** ********':

"*** ***** ** **** *** ** *** ********** *********** *** not ******* *** ********** ********* ** ******** ** *** ******* rooms **** ***** *** ** *** **** ***** *** ***** pumped *** ********* **** *********** ********."

*** ****** ** ****! ***? ** ********:

"[****] ***** **** ** ***** ** ** *** ********, *** *****, concourses, ****** *** *********, *** *******, ******* *** ********* *********, but ** **** ******** *** **** **** ****-**-**** ******** ** to *** ** ******* ** ***** ******** ** ********** **** pre-determined ****-******** *** ** ********** **** ******** ***********."

****'* **. *****'* ** **** **** *** * **** ***** directly ***** ** ****** * ***********, ********* *****, ******* *** carrying, ****** *********** ****** *********.

The *******

**'* ********* ******** **** *** ******** ******** ******** ****** ***** have *** ******** ****** ** ******** *** ******* ********.

** *** ********, ***** *** *** ***** **** ** ****** this:

  • ********** ******** / **********: *** ******** ****** *** ********* ** impact ** *** *********. * ************ ********* ***** **** ** far **** *********, ** *** **********, *** ******** ** ***** inside *** *******.
  • **** ******* ***** ** ***********: ***** *** **** ****** *** procedural ******** **** ***** ******* ******** ******* ***** ****** ** adversaries - **** *** **** ** *** ******, *** ******** of *** ********, ***. 

**** *********** **** **** ******** *********** *** *** *** **** near **** ******** **********, ** ******* ****** ********** *** *** computer ****** ** **** * ******* ** ******* *** ********* in **** *******.

Comments (22)

I LOL'd at the "ambulance chasing" reference :)

"Once adversaries have such critical information and are met with near zero physical resistance, it becomes nearly impossible for any computer system to stop a caravan of machine gun intruders in mere minutes."

Not this computer:

In fairness, Robocop is actually less expensive than a PSIM system :)

I wonder if they did any Red Team penetration testing?

The huge assumption made was that the $50M parcel was 'protected' by simply being inside the airport perimeter. Good red teams should expose this...

While it's fairly obvious that someone can ram through an airport fence, the big question is whether that is a threat that should actually be defended against. How often do such attacks happen?

Ramming through airport fences to rob airplanes is about as likely as a shoe bomber. You can make a case about defending against both but the value is certainly debatable.

I still have to take off my shoes when I fly :) ...but I agree that you can't protect from everything.

What SOP do you think they will change to avoid this kind of thing in the future?

while it was clearly an inside job (as noted above) the fact remains that a sack of diamonds worth $50M sat unprotected.

It's unfair to call it unprotected. There were lots of protections in place. That's why the attackers had to smash through a fence and hold up the plane with machine guns rather than walk up to the security guards and pickpocket them as they were walking down the street.

You can't protect aginst every scenario unless you want no freedom and are willing to pay absurd prices. The question, of course, remains whether this threat should be defended against.

Lots of SOPs are created only after someone figures out how to defeat incumbent SOPs... hence, I'm still taking off my shoes at airports in the U.S. I'm not sayng they are effective, just that they will most assuredly come...

Point being, this airport will most definitely be putting 'something' in place as a new SOP to try and 'stop' this from happening again at their joint (most likely ignoring the statistical chances of this same thing actually happening).

The most obvious and simple to implement is to have high-dollar items escorted on planes - it deflects (and maybe as you point out, rightly so) the responsibility to the package owner. Count on the insurance company that is paying this claim to mandate it.

The SOP can be: put guys with guns next to high value packages because if other guys with guns come you can respond / defend.

Implementing that in your PSIM is unlikely to make any difference because if someone can get in and out in minutes, the good guys with guns need to already be there.

I think before any product/solution can be introduced/incorporated...A risk assesment should be done. Without a true risk assesment...you have no idea what the problem is. NICE let their marketing department spew information, without doing a risk assesment, for a shot at an opportunity or publicity that makes them look like an expert. It is also unfair for all of us to judge if a PSIM would have worked, or not, without doing a proper risk assesment. It is easy to be a Monday Morning Quarterback:)

Remember when that guy walked into the JFK runway area? Many people jumped with expert oppinions with that as soon as it happend. The reality of what happend to that was an operator just got tired of all the alarms and he turned the setting off on their PSIM.

Jeremiah, I had not heard this: "The reality of what happened to that was an operator just got tired of all the alarms and he turned the setting off on their PSIM."

However, if it is true, that is deeply concerning because it implies that their detection systems (analytics/radar, etc.) was not working properly.

Jeremiah, I am aware of the story but that article does not talk about what caused it, i.e., there's not mention of tuning 'the setting off on their PSIM.'

I don't know if Raytheon would refer to their Clearview C2 software as a PSIM, although I'll bet it might even cost more! They are proposing same software for border protection under the IFT program.

Luckily there are not so many jetskiers on the Arizone border....

We discussed this on another thread at length. I also have not heard this quote, so it's still unclear whether the sensors failed to detect, the software failed to alarm, or if the operators just ignored an alarm as often happens in a system with excessive alarms, false or otherwise.

Marc, that's funny, "Luckily there are not so many jetskiers on the Arizone border...."

Thanks for the link. I'll ask Carlton to track that program and request RFP and contracting documents / updates.

A lot of times a big part of the mechanism protecting an asset is the lack of knowledge that it exists. That is why our governments have state secrets and we install hidden safes in our homes. A large portion of the diamonds traded in the world is transported on plain bags by plain unarmed folks. The security of those diamonds rests on the fact that nobody other than the carriers knows they are there.

At the end of the day, if it is known that a 50 million item is being transported, there always be someone willing to take it. The question is how many people that person is willing to kill or hurt in the process. After all, armored trucks get hit every day worldwide for a lot less money. Unless you are willing to have a portable Fort Knox, if a bad guy knows, you’ll probably be hit.

I agree with John, you cannot protect against every scenario and since this is not an everyday situation, it does not make sense for an airport to spend exorbitant amounts of money to protect against it. There is a balance between security, reasonable mobility of people and goods thru an airport and budget.

Instead, maybe the carrier should have taken more precautions like having a security force in place to defend the asset and/or use private transport opposed to scheduled airlines.

Mario: we used to call that "security by obscurity" :)

BTW, seems to me that protecting against a truck smashing through the fence shouldn't be a difficult thing - what's the cost to erect a line of Jersey barriers along any sections of the fenceline that would be accessible by a vehicle? Job could probably be done in a couple days, probably at well under $100,000.

Matt, but can jersey barriers automate SOPs? I don't think so :)

Barriers, though, are the obvious choice if one wants to stop vehicles busting through the perimeter.

Btw, while 'security by obscurity' routinely gets criticized in the industry, as Mario points out, it is commonly used and often useful, especially relative to the costs of building out full infrastructure to defend. Obviously, if the information leaks, there's goes both obscurity and security.

I was thinking as I posted that, given the relative cost, it's amazing the airport didn't already have such barriers in place... for even something like a "Hercules fence":

Then I got thinking about it... and I don't know that I've EVER seen such measures on an airport's fenceline, even in places where it would be easy to drive a lowered car right up to the fence.

Guess that tells you how often someone driving through the fences really happens... like, almost NEVER.

John, that RFP and surrounding documents were sensitive so it's unlikely you'll be able to get anything further. Also it was a design build performance spec so it still would not tell you about what was deployed.

Matt, a number of airports in the USA have had intrusions through the perimteter, either by driving through a gate (solved with pop-up barriers of various ratings) or through the fence. I know of at least 3 or 4 sites myself that have deployed the jersey barrier base with chain link fence on top, although the ones I know were full 8' fence on top of the barrier, and then 3 strands of barbed wire- except were FAA limits the heights of all objects in specific zones.

In the USA it's been my experience that there's not much deployment of security on the 5-30 perimeter fence, but lots at the TSA checkpoints. Like having a guarded vault door in the front, but a swinging screen door in the back. And of course, thousands of people with access to secure areas who have been screened for past criminal record but not much else. Don't get me started- sorry, too late!

Thanks, Marc. I will admit, I haven't been through a lot of airports, and rarely have I looked at the fences. I have several times over the years visited the viewing areas at the east end of YVR's runways and seen nothing except the fence. In fact, there are driveways with gates in both sections of fence and I often pondered how easy it would be to simply drive out onto the field...

I grabbed a couple GMaps shots from YVR's northern runway:

Funny, I don't remember the yellow barricade being there last time I was out... but it's been a couple years.

[Editor's note: links broken]

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

UK Fines Security Firms For Illegal Direct Marketing on Jan 16, 2019
Two UK security firms have paid over $200,000 in fines for illegally making hundreds of thousands of calls to people registered on a government...
Gorilla Technology AI Provider, Raises $15 Million, Profiled on Jan 15, 2019
Gorilla Technology is a Taiwanese video analytics manufacturer that recently announced a $15 million investment from SBI Group, saying this...
CES 2019 Show Report on Jan 10, 2019
IPVM was at CES 2019 for the second year (see our CES 2018 Show Final Report) and is reporting on announcements and interesting news from the show...
2019 Video Surveillance Cameras Overview on Jan 07, 2019
Each year, IPVM summarizes the main advances and changes for video surveillance cameras, based on our industry-leading testing and...
CyberExtruder Face Recognition Profile on Jan 04, 2019
CyberExtruder offers 3D modeling face recognition software that they say provides quicker and more accurate matches than other 2D face recognition...
"At Hikvision, We Build Trust" on Jan 03, 2019
Hikvision has joined a growing number of video surveillance manufacturers marketing their trustworthiness. In a recent trade magazine full page...
European Startup Ajax Profile - They "Stand Against Evil" on Jan 03, 2019
European intrusion detection startup Ajax Systems proclaims: How are they standing against evil? And what are the differentiators and potential...
The Battle For The VSaaS Market Begins 2019 - Alarm.com, Arcules, Eagle Eye, OpenEye, Qumulex, Verkada, More on Jan 02, 2019
2019 will be the year that VSaaS finally becomes a real factor for professional video surveillance. While Video Surveillance as a Service (VSaaS)...
Scam Research And The $86 Billion IP Camera Market on Dec 19, 2018
Scam. The most widely cited research numbers in many, if not most, industries come from a growing number of Indian 'market research firms'. We...
Imperial Capital Security Investor Conference 2018 Review - ADT, Resideo, Alarm.com, Arlo, Eagle Eye, ACRE, More on Dec 14, 2018
Imperial Capital Security Investor Conference is an event matching industry executives with financiers that frequently leads to future funding...

Most Recent Industry Reports

The IP Camera Lock-In Trend: Meraki and Verkada on Jan 18, 2019
Open systems and interoperability have not only been big buzzwords over the past decade, but they have also become core features of video...
NYPD Refutes False SCMP Hikvision Story on Jan 18, 2019
The NYPD has refuted the SCMP Hikvision story, the Voice of America has reported. On January 11, 2018, the SCMP alleged that the NYPD was using...
Mobile Surveillance Trailers Guide on Jan 17, 2019
Putting cameras in a place for temporary surveillance where power and communications are not readily available can be complicated and expensive....
Exacq Favorability Results 2019 on Jan 17, 2019
Exacq favorability amongst integrators has declined sharply, in new IPVM statistics, compared to 2017 IPVM statistics for Exacq. Now, over 5 since...
Testing Bandwidth Vs. Low Light on Jan 16, 2019
Nighttime bandwidth spikes are a major concern in video surveillance. Many calculate bandwidth as a single 24/7 number, but bit rates vary...
Access Control Records Maintenance Guide on Jan 16, 2019
Weeding out old entries, turning off unused credentials, and updating who carries which credentials is as important as to maintaining security as...
UK Fines Security Firms For Illegal Direct Marketing on Jan 16, 2019
Two UK security firms have paid over $200,000 in fines for illegally making hundreds of thousands of calls to people registered on a government...
Access Control Cabling Tutorial on Jan 15, 2019
Access Control is only as reliable as its cables. While this aspect lacks the sexiness of other components, it remains a vital part of every...
Avigilon Favorability Results 2019 on Jan 15, 2019
Since IPVM's 2017 Avigilon favorability results, the company was acquired by Motorola and has shifted from being an aggressive startup to a more...
Gorilla Technology AI Provider, Raises $15 Million, Profiled on Jan 15, 2019
Gorilla Technology is a Taiwanese video analytics manufacturer that recently announced a $15 million investment from SBI Group, saying this...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact