recommended reading

Drill tests law enforcement's ability to respond to a nuclear threat

The National Nuclear Security Administration is turning to technology to help train law enforcement officials on how to respond to terrorist threats involving hazardous materials.

During a tabletop exercise last week at the Massachusetts Institute of Technology, NNSA showed state and local law enforcement officials PowerPoint presentations and videos that staged fictitious threat scenarios involving terrorists attempting to steal high-activity radiological and nuclear materials from laboratories at the university. Such materials could be used in radiological dispersal devices, which are more commonly known as dirty bombs. The law enforcement officials and faculty and staff from MIT walked through the steps they would take to respond to such an event. Forty participants took part in the exercise, while another 160 people observed.

"The tabletop is the culmination of multiple efforts we're doing domestically to help secure high-activity radiological and nuclear materials at civilian sites," said Kenneth Sheely, deputy director of NNSA's Global Threat Reduction Initiative. "We simulate an event, running through the evolution of alarms that would go off and the procedures [officials on-site and off-site] would need to take to respond in the case of an actual event."

Specifically, the tabletop exercise tests law enforcement's response to alarms a remote-monitoring system sends over the Internet when it detects critical threats involving hazardous materials. Signals to law enforcement officers are encrypted to ensure terrorists can't hack the system either from inside or outside the facility and, for example, prevent alarms from sounding during an attempted theft. The monitoring system also sends a periodic statement to confirm it's up and running.

"This is a sophisticated system in a box that integrates multiple sensors and prioritizes alarms to on-site and off-site monitoring centers to ensure an appropriate response," said Ioanna Iliopulos, director of GTRI's Office of North and South America. So, law enforcement might not be notified when someone enters a facility, but would be alerted if sensors detected tampering with a container of hazardous materials or found elevated levels of radiation in the room.

"Many medical and research facilities allow students to do important research at all hours, and they have authorized access to facilities that house these radiological devices," Iliopulos added. "If I'm a student that has gone rogue, I may not set off any access control alarms, but I'd still have a hard time spoofing the system with all of the additional detection systems on the device itself."

For security reasons, NNSA couldn't comment on whether a legitimate radiological or nuclear threat ever has been detected at either a government or civilian site.

NNSA, in partnership with the FBI, has conducted the tabletop exercises and used the remote-monitoring system at government facilities for nearly one decade, and extended the program to civilian sites during the past two years. While hospitals and universities often maintain hazardous materials on-site for research and medical purposes, Sheely noted, they rarely have armed guards who are properly trained to respond to a threat. This makes partnership with local law enforcement crucial.

"In any facility, whether civilian or military, you need to have a balanced security approach to protect not only against those attacking from outside, but those inside who are more knowledgeable of procedures," Sheely said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.