On 11 September 2001, four planes in America were hijacked by men armed only with box cutters. The attackers on one plane were overcome by a rugby team and it went down in a Pennsylvanian field. Two others brought down the North and South towers of the World Trade Center. The fourth slammed into America's military headquarters - the Pentagon. The TSA (Transportation Security Administration), as a subdivision of U S Homeland Security, was born as a result of these attacks. Given the reality of those times, the TSA was effective and did its best.
But times have changed, and the World has sidestepped the attack vectors that the TSA was implemented to address. Every well-informed hacker knows what was so blatantly demonstrated by Chris Roberts a few months ago.
A person does not have to physically board a plane in order take control of it. Even though Chris boarded a flight to Philadelphia and used the entertainment system to demonstrate the weaknesses inherent in Airline control systems, he has spoken out stating the obvious: anyone with moderate hacking abilities can go online from anywhere in the world, and take control of our commercial airliners.
Chris is a close friend and the official chief technology adviser on my "McAfee for US President 2016" campaign. I could hope for no better technology adviser.
This may sound far-fetched, but it is obvious to anyone following the hacking community. In July, two hackers demonstrated to Wired magazine that they could, from anywhere on the internet, hack into a Jeep automobile manufactured within the past 5 years, take control away from the driver, and run the car into a ditch. The demo was done at 5mph. You can imagine what results would manifest at 50mph.
The architecture of automobile control and flight control systems share one commonality: they were designed in an age where the nuances of cybersecurity were unknown or ignored. They were not designed, first and foremost, with preventing a hack in mind. I could write forever about the impossibilities of providing any security whatsoever given the current approach to security that is being pursued by the TSA, but that would be counterproductive.
Instead, here is what we need: the TSA should be abandoned in its entirety. I'm not suggesting that we lay off federal workers. Our unemployment rolls are already filled to the max. But the TSA budget is nearly $8bn (£5.1bn) a year. Salaries account for less than $2bn. If we sent everyone home and continued to pay them, that would be a savings of $6bn per year, it would also give us nearly 50,000 Federal employees that could better serve the country in a different capacity at some not too distant future.
Most flights already carry armed undercover US Federal marshals. This could be beefed up if necessary. Had Federal Marshals been on the 9/11 planes, there is little doubt that the hijackings would not have been successful.
We need to revamp our nation's cybersecurity platform. An all out cyberwar is inevitable at some point and we are in no manner prepared. $6bn a year would go a long way toward beefing up our preparedness.