The Black Swan of the Supply Chain, Part 2

Published Aug 8, 2011 2:50 PM by The Maritime Executive

By: Dr. Jim Giermanski, Chairman Powers Global Holdings, Inc., Part 2 of 2...view the first installment here.


The real question is "can this catastrophe happen," and the real answer is yes!  There are two primary scenarios: WMD in an inbound container from a foreign location or in an outbound container leaving the United States placed there and executed by a home-grown terrorist.  Finally, can those scenarios be easily accomplished?  Unfortunately, given DHS's policies, again the answer is yes.  Here's why.  Probably the most reasonable or politically acceptable treatment of port and maritime security is contained in the publications of the Homeland Security & Defense Business Council.  In its Port & Maritime Security monograph the Council cites three initiatives, two of which have now worked their way into Federal legislation, the 2001 Customs and Border Protection (CBP) supply chain security program called the Customs-Trade Partnership Against Terrorism (C-TPAT), and its 2002 Container Security Initiative (CSI).  The third is the Transportation Worker Identification Credential (TWIC) program.

Of the two programs C-TPAT is a positive and reasonably successful attempt at supply chain security.   Its participants are all voluntary; therefore, CBB knows them well and audits them for compliance.  Of course, that is a key weakness of the program - membership is voluntary and only those who want to be secure and subject themselves to audit will participate, exactly the firms the U.S. is likely not to worry about in the first place.  Terrorists are unlikely members of C-TPAT, and terrorists who work for firms participating in C-TPAT will likely be discovered and prevented from using a legitimate shipment as a weapon of mass destruction through a C-TPAT system.

2. CSI
However, CSI is a mandatory program covering all vessel shipments from a foreign port to the United States.   CSI addresses the threat of a terrorist weapon contained in a shipping container destined for the United States, and seeks to target and prescreen containers from foreign ports to identify those which are high-risk.  The Container Security Initiative requires notification to CBP by vessel carriers of manifest information of all containers 24 hours prior to stowing the containers onto the vessel.  CSI asked for cooperation of foreign ports in allowing the presences of CBP inspectors at those ports.  The Container Security Initiative, now codified by the U.S. SAFE Port Act, is a weak program at best.  Its weakness is in its core component: the 24-hour manifest. 

A manifest is like a tally sheet of what the vessel is carrying. Except for visible cargo, the carrier has never known for sure what is in a locked and sealed container that it receives for carriage. This was recognized ever since we have had locked containers.  Prior to CSI, the vessel carrier was forced to use honest terms such as FAK (freight of all kinds) or STC (said to contain) which accurately explained that this or that was supposed to be in the container. The reality is no different today under CSI, except that the carrier cannot use those phrases. The carrier must put on the manifest what the shipper or his agent says the contents are.  In essence, nothing has really changed.  It is an information-based system that depends on the vessel carrier’s manifest to identify the cargo in a container that the vessel is carrying.  Unfortunately, the vessel carrier makes and files the manifest and, consequently, is 100% dependent on the shipper (consignor) or the shipper’s freight forwarder for information about contents. As such, the vessel carrier serves as a third party in verifying the contents of the container, the equivalent of hearsay.

In CSI, the details and accuracy of cargo information will always be linked to the person or firm that provides the cargo information to the carrier who then uses that supplied information to complete the 24-hour manifest. The vessel carrier has no first-hand knowledge of the container’s contents. CSI's 24-hour rule places the responsibility of sending the manifest to CBP with the shipping line, specifically the liner that loads the container into the vessel at the foreign port for movement to the United States.  Essentially the carrier is still filing what the container is “Said to Contain.” Only now, instead of using the term “STC,” the carrier will use the harmonized tariff number of the products furnished by the shipper or his agent to indentify the cargo.   Ultimately, we still don’t really know what is in the container being carried to the United States.  For this to begin to change the U.S. Senate would have to ratify and the president sign the new Rotterdam Rules which so far it has refused to do.  Or DHS would have to mandate the use of container security devices (CSD) that would provide the identity of the individual who inspected and verified the contents at the time of sealing and arming the container. (13)

The last area of port and maritime security seems to rest with the Transportation Worker Identification Credential (TWIC) program.  Under this program "...DHS was required to issue a worker identification card that uses biological metrics, such as fingerprints, to control access to secure areas of ports or ships. Responsibility for developing the card was placed with the TSA, with a preliminary deadline of having cards for 6 million maritime workers by August 2004."(14)   The TWIC for maritime industry workers was mandated in the Maritime Transportation Security Act of 2002, and after slow progress and missed deadlines, TSA finally began issuing TWIC cards in October 2007.  However, there are still problems with adequate card readers.  It is clear that this program is simply not functional.  Below are the direct comments of an experienced and respected ship's captain about the TWIC program:

Presently I hold five U.S. Masters Licenses, and three foreign Masters and have been a professional Mariner since 1972. I am ex-Coast Guard and NOAA. I am familiar with dealing with Governmental agencies. The TWIC program is the biggest boondoggle to date. It has been written up numerous times in the Professional Mariner stating the flaws in the system but it continues down its path.

His comments also reflect first-hand knowledge of how easy it is to simply bypass the system, exchange cards, and continue to do what has always been done before the existence of the TWIC card and program.  He cited numerous problems and said that the bottom line was that the TWIC program does not improve port or maritime security and is essentially a joke.  It's probably best summed up with his following statement:

  ...911 has changed our lives forever but we still do not have fidelity in our training or in the management. The laws governing our vessels and port security are changing so fast. I feel people have become more lax instead of more aware. I believe people want to do a good job and take pride in their position but trying to keep up and the bureaucratic red tape and changes can't let them. They don't have time to learn a system before it changes again.

Besides these three programs CBP has developed others such as the Ten+Two Program, and technological systems for scanning containers in foreign and domestic ports.  The Ten+Two Program seems to be a good program, but its fundamental weakness is the reliability of the shipper's statement of content.  However, the use of scanning has not reached its objectives.

4. Scanning
Given the objections of our trading partners and even the World Customs Organization (WCO), the scanning requirement in foreign ports has already failed, and the scanning in domestic ports is simply not reliable according to a retired CBP supervisor responsible for scanning in one of our seaports.  Furthermore, in May 2005, three scientists, Davabhaktuni Srikrishna, A. Narasimha Chari and Thomas Tisch, released a paper on detecting nuclear materials in transport. Their conclusions were clear and compelling.  First, terrorists are most likely to use highly enriched uranium (HEU), not plutonium because the assembly of the HEU bomb is not as technically complex as a plutonium bomb.  Second,  terrorists can circumvent a network of fixed detectors: Fixed detectors not only lack sufficient proximity and exposure to the vehicle in transit but also do not screen many types of vehicles.  Third, R&D breakthroughs cannot change the physics of detection: Passive detection of HEU will continued to be limited by its natural rate of radioactivity, and the attenuation of radioactivity is sharp with distance/shielding.  According to the paper's authors, the physics of detection are fairly simple. Gamma rays and neutrons from shielded HEU are detectable at only short distances and only when there is adequate time to count a sufficient number of detected particles. The closer a detector is to the source of emission and the longer it “sniffs,” the greater the probability of detecting HEU.(15)

Based on these factors, the only reasonable conclusion is that the United States does not know what is in in-bound containers, and its programs, scanning technologies, and systems do not prevent WMD from entering the United States in containers shipped from abroad, especially if those containers were transshipped through smaller transshipment ports where scanned container are discharged from the vessel and remain in a smaller port's container facilities waiting for re-stowing aboard a vessel bound for the United States.


Let us assume that all DHS programs work perfectly to prevent inbound containers from entering U.S. ports, could we still have a Black Swan event?  The answer is absolutely.  DHS has refused to admit or take steps to control, perhaps, the greatest threat that exits to our port system: the outbound container. Yet for DHS, the focus is on the Transportation Security Administration's (TSA) pat downs or x-rays for adult air travelers, and the CSI and C-TPAT focus only on inbound traffic - imports.  DHS and its CBP seem oblivious to security vulnerability to our ports posed by containers leaving the United States.  Each of CBP’s major container security programs has one focus: inbound cargo.  Other nations, however, recognize the security importance to outbound containers.  The European Union's,  Authorized Economic Operator (AEO) security program, a counterpart to C-TPAT, recognizes and acknowledges the outbound risk as equal to inbound, requiring documentation and information about exporters of products through its ports.  C-TPAT  does not even in the face of growing concern over homegrown terrorism as recently demonstrated by the arrest of Pvt. Naser Jason Abdo, a 21-year-old AWOL soldier from Kentucky's Fort Campbell.   Recent comments by the Representative Bennie Thompson (D-Miss.), ranking member of the House Homeland Security Committee support the concern for homegrown terrorism when referring to the recent domestic terrorist attack in Norway: "Although we are awaiting a preliminary investigation, this incident unfortunately reminds us that we must remain vigilant against the threat of homegrown terrorism, especially the threat posed by lone wolves." (16)

In demonstrating this U.S. vulnerability, a firm from Belmont, North Carolina without any existing record of exporting or being in the international trade business, but one that is involved in supply chain and container security business, intentionally shipped an empty 20' dry container from North Carolina to Germany through the Port of Charleston.  The container was never opened by CBP or anyone else and nobody outside the firm knew for sure what was really in the container.   While absolutely accurate in its declared contents, it could have contained WMD.  If that firm wished to use that container as a weapon of mass destruction, it could have done so with ease.  This same firm has also demonstrated with a neighboring municipal police bomb squad how easy it is to blow up a container in our ports-of-entry using the same electronic technology required for use in our ports and used by CBP.  The outbound threat begs the question: if 100% of adult airline travelers are a security risk and each has to be examined for what each can attach to his or her body, then what is the risk of exported containers which are apparently not considered a security risk and are 100% excluded from a security inspection?  DHS's current practice of inspecting all adult airline travelers is about as distorted as deciding to inspect all domestic tractor/trailers moving from one city to another city because a trailer could explode in-route to or at its destination city.  There is a gross miscalculation of critical risk and should be a matter of serious concern about government competence in meeting its obligation to keep us free and safe. 


Even Professor Taleb's imbecile must admit that this scenario must constitute a Black Swan possibility.  What is necessary now is a serious, comprehensive, empirical study by a non-profit, non-government research institution or University to determine the potential consequences of temporarily closing all our U.S. ports as a result of the detonation of WMD in any one or more of them.  Daily loss of pass-through cargo such as oil, job loss in all the industries affected by imports and exports, and all related business linkages such as trucking and rail business loss should be measured.  The findings would make this government understand the critical nature of really knowing and controlling what enters our ports whether from foreign inbound shipments or domestic outbound shipments.  A study of this nature would force, one hopes, DHS and CBP to required the use of in-container devices that would detect and report unauthorized access, monitor movement, and report contents such as radiation and explosives.  But most important in any mandate to use container security devices (CSD) would be the requirement of communicating the identity of the actual, authorized person who verifies the cargo at container stuffing, arming, and sealing at origin and the identity of the authorized person accessing the container at destination, in effect creating a virtual chain of custody.   Short of this, there should be no question that a Black Swan event could literally destroy the economy of the United States for a significant period, if not permanently, and injure other global economies.  It is time now to mandate the use of CSDs that currently exist as "off the shelf" products.   All the black feathers are there.  


MarEx does not necessarily endorse the opinions herein.



(12) For a comprehensive treatment of the development of container security standards see: Dr. Jim Giermanski, The Development and Globalization of Container Security, Defense Transportation Journal, September 2008, Vol. 64, No. 5, pp 16-22. 

(13) For a comprehensive treatment of this area, see Dr. Jim Giermanski, Container Security, Lead, Follow or Get Out of the Way, Maritime Professional, First Quarter, 2011. www.martitimeprofessional.com

(14) The 9/10/11 Project, "Port & Maritime Security, Homeland Security Defense Business Council, April 10, 2011, p. 2.   http://homelandcouncil.org/pdfs/digital_library_pdfs/hsdbc91011projectportmaritimesecurity.pdf

(15) Davabhaktuni Srikrishna, A. Narasimha Chari, and Thomas Tisch, “Nuclear Detection: Portals, fixed detectors, and NEST teams won’t work for shielded HEU on a national scale, so what next?” May 16, 2005, p.1.

(16) Mickey McCarter, US Officials Emphasize Dangers of Lone Wolf Terrorists After Norway Attacks, HSToday.US, July 25, 2011, http://www.hstoday.us/briefings/today-s-news-analysis/single-article/us-officials-emphasize-dangers-of-lone-wolf-terrorists-after-norway-attacks/2c6b7eb7a84a2366847c860a604bbbfd.html