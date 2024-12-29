By Pepper Intelligence Unit

We recently revealed how the Uganda Civil Aviation Authority (UCAA) Director Human Resource and Administration Sabah Ahmed recently recruited her biological relative to work at the airport despite being rejected by ISO’s vetting team.

In doing so, CAA bosses are at fault for ignoring policies related to (vetting and background) checks during recruitment something that can put the airport’s security at risk on the hands of an insider.

According to International Civil Aviation Organization (ICAO) ‘INSIDER THREAT TOOLKIT’ (created by the Aviation Security Panel’s Working Group on Training) , a thorough background check and vetting must be done during the recruitment process for airport employees especially those that need unescorted access to airside and security restricted areas, and persons with access to sensitive security information.

For ICAO, these measures are non-negotiable as they seek to reduce the risk of recruiting staff who may present a security concern by their actions.

As noted in the ICAO Aviation Security Global Risk Context Statement (Doc 10108 – Restricted), terrorists consistently look to exploit vulnerabilities in security controls and commit acts of unlawful interference (AUI) against aviation, which could be facilitated through the exploitation of staff/insiders .

WHO ARE INSIDERS?

Insiders are full or part-time employees (including contractors, temporary and self-employed personnel) who are working in or for the aviation sector whose role provides them with privileged access and/or knowledge to secured locations, items or sensitive security information.

WHAT IS THE INSIDER THREAT?

Therefore, such staff (insiders) can be used by terrorists like ADF, Alshabab, Alqaeda and others to destroy an aircraft in service, introduce a weapon or hazardous device or material intended for criminal purposes on board an aircraft or at an airport). Insiders can share confidential information, facilitate access to restricted areas, perform their roles inadequately enabling the introduction of prohibited articles into restricted areas, help external parties to obtain access to computer systems or other digital infrastructure.

This is why security vetting and background checks are important during the recruitment process.

WHAT IS THE RATIONALE OF AN INSIDER?

Insiders may conduct or facilitate an AUI through a lack of awareness, complacency or maliciousness. Lack of awareness of policies and procedures and complacency (lax approach to policies and procedures) can cause insiders to unintentionally facilitate an AUI through their negligence, inaction or failure to follow security policies and procedures. On the other hand, malicious insiders – those who make a conscious decision to conduct an AUI – may be driven by a mix of personal vulnerabilities, life events and situational factors, such as financial gain, ideology, revenge, desire for recognition, or coercion.

A malicious insider could deliberately seek to join an organization to conduct an AUI or acquire the intention of doing so during their employment (e.g. recruitment by a third party to exploit their trusted position).

WHY CAA BOSSES ARE ON SPOT

This publication has however landed on information that some actors within UCAA may have zero regard for this crucial safety element and all they are interested in is seeing their friends and relatives securing jobs at the airport.

According to confidential information obtained, Sabah Ahmed, UCAA Director Human Resource and Administration is behind this major potential security breach and threat which may see employees/insiders with ill motives employed at the airport.

For instance last year, UCAA advertised Security Assistant jobs. These are tasked with protection and safety of passengers and crew, ground personnel, the general public, aircraft, airport facilities and navigational aids.

All applicants’ names had to be sent to the Internal Security Organisation (ISO) for vetting, first—and this was done in a letter (Ref: UCAA/04/SV/114) dated 16 November, 2023 by UCAA to the former.

On December 8, 2023, ISO sent back names of applicants who had been rejected by the vetting team.

“The following applicants are not recommended: Ahmed Saidi, Musoke Sula, Margret Tibakanya, Daniel Bukenya, George Otika and Taremwa Kenneth Akandwanaho,” the confidential letter reads, implying that security related adverse records had been traced on them.

In the same letter, ISO did not trace security related adverse records on Kamahoro Brenda Bitangaro, Kahubire Sheila, Nyakato Deborah, Ntende Philix, Najjumba Sharon and Kembabazi Rossette: they were recommended for employment.

ISO REJECTED APPLICANT SNEAKED IN

A year later, one of the rejected applicants by ISO’s vetting team was spotted at Entebbe International Airport as a staff member.

He has been identified as Saidi Ahmed.

Our investigations show that he was appointed in July this as a Plant & Technician. According to the appointment letter signed by CAA’s HR, his one year contract runs from 22nd July, 2024 to 21st July, 2025.

He receives a consolidated salary of Shs 2,070,000.

However, one wonders how he got the job and whether he was cleared by security given that he had previously been rejected after the ISO vetting team managed to trace security related adverse records on him.

“Who cleared him to work at a security sensitive area like the Airport yet he had been previously rejected by the ISO vetting team?” wonders one of the concerned insiders at the Airport.

There are fears that many staffers could have slipped in through the backdoor without going through vetting processes.

“The Airport is at risk if a Human Resource Officer can recruit someone who failed the vetting process. The Airport is not safe at all. How many have been recruited in this style? How long has this been going on? When will this stop? Who gives the HR such powers? She needs to be checked or else potential terrorists may end up being recruited,” adds a source in security circles who prefers not to be named because he is not authorized.

UCAA has been contacted for a comment.

Sabah Ahmed replaced Pascal Jabbe Osinde Osudo in 2022 as UCAA Director Human Resource and Administration following the latter’s acrimonious exit.

There are now reports that most UCAA top bosses have fallen out with Sabah over her conduct but this is a story for another day.

She previously worked at URA in various positions for 12 years.

MITIGATING THE INSIDER THREAT

To effectively mitigate the hidden insider threat to aviation security, organizations must implement robust security measures and cultivate a culture of vigilance. Here are some key strategies to consider:

Establishing a Strong Security Culture: Foster a culture of security awareness, emphasising the importance of reporting suspicious behaviour, adhering to protocols, and maintaining a proactive stance towards security. Implementing Access Control Mechanisms: Strengthen access control measures, including two-factor authentication, biometrics, and robust identity management systems. Regularly review and update access privileges to ensure that they align with job roles and responsibilities. Implementing Continuous Monitoring: Deploy comprehensive monitoring systems that detect anomalous behavior, such as unusual access patterns or data exfiltration attempts. Real-time monitoring and alert systems enable timely responses to potential threats. Conducting Background Checks: Perform thorough background checks on individuals during the hiring process and at regular intervals during their employment, including screening of criminal records, terrorism risk indicators, and previous employment history. The information required and frequency of the checks will depend on the role of the candidate and the access to security-sensitive areas/information which they are permitted. Implementing a Whistleblower Program: Establish a confidential reporting mechanism to encourage employees to report any suspicious activities or concerns regarding aviation security. Ensure that employees feel protected from retaliation when reporting such incidents. Implementing Data Loss Prevention (DLP): Deploy DLP solutions to monitor and prevent the unauthorized transfer, storage, or disclosure of sensitive information. These systems can detect and block attempts to exfiltrate data by insiders.

Enhanced Background Checks can include:

Employment referencing and gap period analysis (Aviation Vetting Requirement )

) DBS or Disclosure Scotland certificate (Aviation Vetting Requirement)

Overseas criminal record checks (If Required, Aviation Vetting Requirement)

Identity Check and right to work verification (Aviation Vetting Requirement )

) GSAT (General Security Aviation Training – Vetting Requirement)

CAA Security Interview (Aviation Vetting Requirement)

Address validation (Aviation Vetting Requirement)

Financial summary reports / financial detail reports (credit check, bankruptcy, IVA, CCJ)

Qualification verification (including professional memberships and professional qualifications)

Social media profiling

FCA search

CIFAS check

Directorship search

CV analysis

Sanctions check

Drug and alcohol testing

