Category: Industry News

In 2006, the European Commission introduced regulations to restrict the quantity of liquids being brought onto planes. The Liquid, Aerosol and Gel (LAG) restrictions were implemented as a temporary measure but continue to be enforced ten years later. Shannon Wandmaker was the Aviation Security Policy Assistant Director in charge of implementing LAG restrictions for the Australian Government in 2006/2007. He reflects on the efficacy of the regulations, their limitations and their future.

You may remember that, back in 2006, putting 100ml containers inside your re-sealable, plastic, one-litre bag was supposed to be a temporary solution until a technological fix could be found. Ten years later, the familiar cry of, “Laptops out, belts off, liquids out” can still be heard across passenger screening points around the world.

Why is this Temporary Fix Still with Us, and What Can We Expect in the Future?
On 9 August 2006 a plot to use acetone peroxide liquid explosives to conduct coordinated attacks on multiple aircraft over the Atlantic was foiled by United Kingdom (UK) security agencies. In the immediate aftermath a complete ban on liquids for departing passengers was imposed, but by 4 October the European Commission (EC) had moved to implement the liquid, aerosol and gel (LAG) restrictions we are all so familiar with.

The introduction of the 100ml/one litre LAG restrictions was always designed as a compromise measure that balanced, however clumsily, the need to dramatically reduce the amount of unverifiable liquids brought into the cabin of an aircraft with passenger desire to have liquids on board. At the time there was no viable way of differentiating good liquids from bad. The compromise allowed passengers to bring liquids onto an aircraft that, even if they were explosive, could not create an explosion that would bring down the plane.

By 30 March 2007 most countries had moved to introduce some form of restriction in line with the International Civil Aviation Organisation (ICAO) requirements that had been introduced by that time.

One of the first implementation challenges was screener distraction. With screeners pushed to focus on identifying LAGs, there was the real possibility other threats were being missed. The hype surrounding rogue water bottles overshadowed all other screener functions, leading to situations where officers were more interested in shampoo than detonator cord.

In addition, while standard X-ray equipment could assist capable operators identify eye drops in the bottom corners of handbags, walk-through metal detectors (WTMDs) were wholly inadequate for the task of detecting the LAG threat. Some regulators attempted to address this through the implementation of random body searches, and then later through the half-hearted roll out of body scanners, while other regulators, both then and now, turned a blind eye to this gap in the system. Even the introduction of body scanners more than three years later was not a response to the LAG threat, but a response to the exploitation of the weakness of WTMD by Umar Farouk Abdulmutallab, the 2009 underpants bomber.

One of the problems was that, in 2006, the technology to screen LAGs simply didn’t exist at ‘passenger throughput friendly’ levels. The EC tied themselves into regulatory knots trying to legislate the phasing out of LAG restrictions and mandating a technological solution. The deadlines for this phase out slipped multiple times over the years, and even today has not been fully achieved.

While the EC busied itself imposing arbitrary deadlines, other countries grappled with the issue of whether to impose inbound restrictions in addition to the outbound restrictions. Those that did, like Australia and the US, thus commenced the long dance down the nuanced road of not imposing extra-territorial measures legally, but nonetheless imposing them practically. By imposing LAG restrictions on airlines flying into a country, the real impact was to push the screening problem to the last port of departure (unless the captain was of a mind to have everyone throw their additional fluids out a side door as the aircraft entered sovereign airspace). This neatly sidestepped the legal issues, while condemning countries to years of international backlash from affected regulators.

With developments in the type and frequency of terrorist attacks against the aviation industry, airport security measures have had to evolve in order to protect against threats posed both by passengers with malicious intent as well as by the insider threat. However, aircraft design also has a significant role to play in foiling inflight attacks and, in several incidents, the aircraft assembly has proven itself robust enough to withstand an inflight explosion, allowing the pilot to land safely. Shalini Levens discusses what aircraft manufacturers are doing to make aircraft more resistant both to attempted bombings and to the emerging threat of cyberattack.

When a Somali military court convicted ten suspects for organising this February’s bomb attack on Daallo Airlines, the reality of the potential for further significant attacks on the industry became apparent. The explosion on the Daallo Airlines Airbus 321 flight occurred around 15 minutes after take-off from Mogadishu, when the plane was at approximately 11,000ft (3,350m). Only the bomb carrier was killed and the pilot was able to make an emergency landing back at Mogadishu airport, aborting the flight to Djibouti. Somalia’s militant Islamist group al-Shabab took responsibility for the attack, later admitting that it had failed to bring down the aircraft since the aircraft assembly had withstood the blast.

This incident is one of the few examples of aircraft resilience to terrorist attacks after bombs have made it on board and detonated. Another example of an aircraft withstanding an explosion during its journey was the Trans World Airlines (TWA) flight 840 from Rome to Athens in 1986 that exploded 20 minutes before landing due to the detonation of an improvised explosive device (IED) concealed under a passenger’s seat. The blast created a hole in the aircraft’s starboard side, similar in nature to that of Daallo Airlines, killing four passengers who were ejected through the hole in the fuselage. Similarly, in 1994, Philippine Airlines flight 434 operating from Manila to Tokyo via Cebu became a victim of an IED that was placed in a lifejacket under the seat. The explosion killed one passenger while others were injured. The aircraft itself remained intact and the pilot was able to safely land the damaged plane in Okinawa.

The ongoing investigation (at the time of writing) into the loss of EgyptAir flight MS804, en route from Paris to Cairo, has not yet ruled out the possibility that a bomb on board was responsible. Indeed, quite the opposite. With much speculation that the aircraft was the subject of a terrorist bombing, and coming so soon after the Metrojet bombing in Egypt in October 2015 and the Daallo Airlines incident this year, the questions being asked not only focus on what the authorities can do to prevent a bomb being loaded on board, but on what manufacturers can do to ensure that, should a device make it through the security system, damage caused will not be catastrophic.

Aircraft manufacturers are enhancing security in aircraft design via a number of methods. A few of these methods include: aircraft hardening against inflight explosion; assessing and enhancing Least Risk Bomb Locations (LRBL); the provision of systems to prevent hacking and cyber-attacks; flight deck door construction; secondary barriers; the development of systems which limit control of the aircraft to authorised persons, and; systems which might indicate the presence of a stowaway on board.

As the requirement for deportee management increases across the globe, Emirates Group Security has developed a core team trained to deal with this particular type of situation. This article covers the individual selection process, training methods and role of the Special Operations Team, and explains why it is such a vital part of Emirates’ security operations.

As the world’s largest international airline, Emirates is responsible for an ever-growing number of passengers who travel across its global network of over 150 destinations. Last year alone, 50 million passengers travelled with Emirates and as the passenger and destination counts continue to grow, aviation safety and security becomes even more critical.

To keep up with the growing demands of a shrinking globe and increased interconnectedness, Emirates Group Security (EGS), the division responsible for the overall security of the Emirates Group, has developed and built multi-faceted security capabilities to support the growth of the Emirates Group while maintaining the very best standards of aviation security.

One of EGS’s specialist capabilities is deportee management. For many organisations, the role of security escorts or advisors is often contracted to a third party provider and many in the aviation industry are still in search of the most appropriate skill provider. Emirates has taken deportee management to the next level with the creation of a special unit within its security team who are specifically trained to handle such situations.

The Special Operations Team
Within EGS, a unit known the Special Operations Team (SOT) has been specially trained and fully equipped with the necessary skills and tools to escort deportees and manage disruptive and potentially high-risk passengers. Members of the special unit are also deployed as AVSEC officers for high profile and security flights and to co-ordinate ground security measures. These personnel work tirelessly behind the scenes to ensure the utmost levels of security are maintained both in the air and on the ground. The concept of SOT is unique in that it brings together staff with diverse experience and capabilities who are trained in techniques that have been developed internally by EGS and operate according to protocols that have evolved over years of experience.

The entire process, from recruiting to training of SOT members is handled in-house using an evidence-based approach honed over the years. The learning and development teams at EGS, have also developed tailored defensive and tactical martial arts programmes called Advance Control Techniques (ACT) for ground staff, and Advanced Restraint Techniques (ART) for cabin crew.

Developed in 2005, these specialised forms of martial arts incorporate techniques influenced by Tae-Kwan-Do, Eskrima and Win-Chung. They aim to deal with a restraint situation in a close-quarter environment (such as an aircraft cabin) within the shortest possible time with minimal use of physical force. The curriculum also incorporates the elements of the Tokyo Convention and is designed to meet the requirements of ICAO Annex 6, Chapter 13, and equip staff with necessary self-defence skills.

The success of the programme was years in the making, beginning with an EGS commissioned study into the profile of previous deportees to fully understand what the needs of deportee management were and how to meet them. Working closely with stakeholders and Edith Cowan University of Western Australia, the study analysed data on deportees and this provided insight into the kind of team required and the training that needed to be developed to equip this newly formed team. The most important findings included the effectiveness of the element of deterrence to prevent an undesirable situation from occurring, and the element of surprise in affecting a restraint should a situation arise. Restraining a person is the last course of action to be taken after all other preventive and cautionary measures have been exhausted. The core focus is on using effective communication as the key to managing conflict in such situations.

EGS recruits special operations personnel from around the world and the 35-strong team, which includes 5 women, currently comprises ten different nationalities including Emirati nationals. The team members bring in a diverse range of experience and capabilities to SOT. The strength of SOT is expected to grow in line with expected increase in the operations performed by the team.

The individuals who are selected to work as part of SOT are handpicked for their communication skills as well as their physical strength. Potential candidates are taken through an extremely thorough and careful assessment process involving a written test, group discussion sessions, IQ test and role play scenarios to ascertain suitability for the unique job description. On average, EGS selects 2 out of every 100 applicants.

Turkish investigators pored over video footage and witness statements on Wednesday after three suspected Islamic State suicide bombers opened fire and blew themselves up in Istanbul’s main airport, killing 41 people and wounding 239.

The attack on Europe’s third-busiest airport was the deadliest in a series of suicide bombings this year in Turkey, part of the U.S.-led coalition against Islamic State and struggling to contain spillover from neighboring Syria’s war.

President Tayyip Erdogan said the attack should serve as a turning point in the global fight against terrorism, which he said had “no regard for faith or values”.

Five Saudis and two Iraqis were among the dead, a Turkish official said. Citizens from China, Jordan, Tunisia, Uzbekistan, Iran and Ukraine were also among the 13 foreigners killed.

One attacker opened fire in the departures hall with an automatic rifle, sending passengers diving for cover and trying to flee, before all three blew themselves up in or around the arrivals hall a floor below, witnesses and officials said.

Video footage showed one of the attackers inside the terminal building being shot, apparently by a police officer, before falling to the ground as people scattered. The attacker then blew himself up around 20 seconds later.

“It’s a jigsaw puzzle … The authorities are going through CCTV footage, witness statements,” a Turkish official said.

The Dogan news agency said autopsies on the three bombers, whose torsos were ripped apart, had been completed and that they may have been foreign nationals, without citing its sources.

Broken ceiling panels littered the kerb outside the arrivals section of the international terminal. Plates of glass had shattered, exposing the inside of the building, and electric cables dangled from the ceiling. Cleanup crews swept up debris and armed police patrolled as flights resumed.

“This attack, targeting innocent people is a vile, planned terrorist act,” Prime Minister Binali Yildirim told reporters at the scene in the early hours of Wednesday morning.

“There is initial evidence that each of the three suicide bombers blew themselves up after opening fire,” he said. The attackers had come to the airport by taxi and preliminary findings pointed to Islamic State responsibility.

Two U.S. counterterrorism officials familiar with the early stages of investigations said Islamic State was at the top of the list of suspects even though there was no evidence yet.

Air traffic management is undergoing fundamental cross-border transformation, requiring increased collaboration and service-oriented interaction between its stakeholders. In addition to the anticipated benefits, new ways of working introduce cyber-security risks that need to be well managed. However, it remains to be seen whether risk management frameworks developed for other domains can maintain the cyber-security of future air traffic management services. Mariken Everdij, Bart Gijsen, Andre Smulders, Theo Verhoogt, and René Wiegers investigate state-of-the-art cyber-security practices for air traffic management services, and explore options for the future.

Air Traffic Management (ATM) is currently undergoing a fundamental transformation, implemented by programmes such as Single European Sky ATM Research (SESAR) in Europe and the Next Generation Air Transportation programme (NextGen) in the U.S.A. The transformation is driven by the need to improve the performance of ATM in terms of safety, capacity, environment and economy, leading to the requirement for new developments in operational concepts and deployment of technological enablers. In the context of the Single European Sky (SES) ambition, this transformation takes form in increased collaboration, and a more open and service-oriented interaction between ATM stakeholders.

As part of this transformation, the ATM Information and Communication Technology (ICT) landscape is also gradually changing in terms of the ICT infrastructure, as well as the way ICT-based ATM functions are developed and controlled. In order to accommodate next generation ATM functions, service-oriented architectures are being explored. Within SESAR, a system-wide information management (SWIM) environment is being developed to facilitate the sharing of essential information between all ATM stakeholders. SWIM will introduce new communication methods and technologies, including commercial internet-based solutions.

This development shows that while the SES evolution brings a wide range of business and societal opportunities within reach, the new way of working also introduces cyber-security risks. The openness between collaborating stakeholders is a vulnerability in itself, and a service-oriented way of working increases interdependencies. The ATM sector faces the challenge of successfully achieving the benefits of the SES evolution, while safeguarding the cyber-resilience of the pan-European ATM systems.

Cyber-security requires a structured approach in the form of a management system consisting of a combination of organisational, procedural and technological elements. However, it remains an open question whether cyber-security of future ATM services can be achieved and managed by applying traditional cyber-security and risk management frameworks, which are not specific for ATM. This article presents a view on cyber-security frameworks that are fit for a future with collaborating, interdependent ATM stakeholders. It identifies state-of-the-art and current cyber-security practices for ATM, and illustrates directions for cyber-security methodologies for the future service-oriented SES.

State-of-the-Art Cyber-Security Methods

One of the challenges in addressing ATM cyber-security is to identify relevant and applicable cyber-security methods (including techniques, processes, and approaches). Therefore, a literature search was performed, aiming to collect methods that can be used in support of cyber-security management and risk assessment in ATM.

The literature search was conducted in the public domain, complemented by a search in the SESAR domain and by background knowledge of the research team. Methods found were organised in a list, and details were collected including a brief description of, and references to, source material used.
Some methods were referred to under different names or had become obsolete. Therefore, the list was reduced to 82 distinct and relevant methods. The resulting list was used as a starting point for further study and analysis. It should be highlighted that the result is not exhaustive and that many other methods may be available to support cyber-security analysis.

With developments in the type and frequency of terrorist attacks against the aviation industry, airport security measures have had to evolve in order to protect against threats posed both by passengers with malicious intent as well as by the insider threat. However, aircraft design also has a significant role to play in foiling inflight attacks and, in several incidents, the aircraft assembly has proven itself robust enough to withstand an inflight explosion, allowing the pilot to land safely. Shalini Levens discusses what aircraft manufacturers are doing to make aircraft more resistant both to attempted bombings and to the emerging threat of cyberattack.

When a Somali military court convicted ten suspects for organising this February’s bomb attack on Daallo Airlines, the reality of the potential for further significant attacks on the industry became apparent. The explosion on the Daallo Airlines Airbus 321 flight occurred around 15 minutes after take-off from Mogadishu, when the plane was at approximately 11,000ft (3,350m). Only the bomb carrier was killed and the pilot was able to make an emergency landing back at Mogadishu airport, aborting the flight to Djibouti. Somalia’s militant Islamist group al-Shabab took responsibility for the attack, later admitting that it had failed to bring down the aircraft since the aircraft assembly had withstood the blast.

This incident is one of the few examples of aircraft resilience to terrorist attacks after bombs have made it on board and detonated. Another example of an aircraft withstanding an explosion during its journey was the Trans World Airlines (TWA) flight 840 from Rome to Athens in 1986 that exploded 20 minutes before landing due to the detonation of an improvised explosive device (IED) concealed under a passenger’s seat. The blast created a hole in the aircraft’s starboard side, similar in nature to that of Daallo Airlines, killing four passengers who were ejected through the hole in the fuselage. Similarly, in 1994, Philippine Airlines flight 434 operating from Manila to Tokyo via Cebu became a victim of an IED that was placed in a lifejacket under the seat. The explosion killed one passenger while others were injured. The aircraft itself remained intact and the pilot was able to safely land the damaged plane in Okinawa.

The ongoing investigation (at the time of writing) into the loss of EgyptAir flight MS804, en route from Paris to Cairo, has not yet ruled out the possibility that a bomb on board was responsible. Indeed, quite the opposite. With much speculation that the aircraft was the subject of a terrorist bombing, and coming so soon after the Metrojet bombing in Egypt in October 2015 and the Daallo Airlines incident this year, the questions being asked not only focus on what the authorities can do to prevent a bomb being loaded on board, but on what manufacturers can do to ensure that, should a device make it through the security system, damage caused will not be catastrophic.

Aircraft manufacturers are enhancing security in aircraft design via a number of methods. A few of these methods include: aircraft hardening against inflight explosion; assessing and enhancing Least Risk Bomb Locations (LRBL); the provision of systems to prevent hacking and cyber-attacks; flight deck door construction; secondary barriers; the development of systems which limit control of the aircraft to authorised persons, and; systems which might indicate the presence of a stowaway on board.

Aircraft hardening against inflight explosion has become a trending topic of interest since the loss of Metrojet flight 9268, twenty-three minutes after its departure from Sharm el-Sheikh bound for St. Petersburg. Even though early speculations concluded that Islamic State (IS) was responsible for the attack – and the group even claimed, in Dabiq (its own publication), that a rather crude device utilising a soft drinks can had contained the deadly charge – there were still sources that maintained that the aircraft had been in poor mechanical condition. Another source brought to light the fact that the engines had start failures. The airline denied claims that the aircraft was not in perfect working condition. Nonetheless, all the indicators suggest that the inflight explosion was caused by an improvised explosive device infiltrated on board, and probably by an insider working at the airport.

I never used to be afraid of flying. Ok, sometimes I had sweaty hands in cases of turbulence or I did not feel 100% comfortable taking off, but generally I really enjoyed the entire trip. Even during the less comfortable moments, I put my trust in the reassuringly responsible pilot on the flight deck and believed that no matter what, he would take care of us all and do everything to bring the plane to its destination safely.

But then there was Germanwings flight 9525. In March last year, co-pilot Andreas Lubitz committed suicide by deliberately crashing a plane in the French Alps, killing 150 innocent people, including his fellow pilot. This tragic incident changed my confidence in flying, and I know others for whom the Germanwings tragedy marked a turning point in their perception of ‘flying comfort’.

Please do not try to convince me how safe it is to fly, or point out that the risk of dying in a car is much higher. I also know that this fear I have developed is largely irrational. But rational or not, the suicidal pilot seems to have become a plausible scenario in our minds. This possibility was also brought up recently after EgyptAir flight 804 disappeared from the radar on 19th May, unleashing all kinds of speculation about what may have happened. Almost three weeks have gone by and the whole affair remains a mystery.

With the Germanwings flight we knew quite soon what had happened. The news that an experienced, but apparently very depressed, co-pilot had managed to crash the plane by shutting out the captain who was trying to come back after a toilet break, shocked us all. As expected, regulators jumped on the issue and started to re-evaluate the security risks associated with pilots leaving the cockpit during non-critical phases of the flight.

As horrible as it was, the Germanwings incident proved that current regulations are effective, since the reinforced cockpit door, which was installed following the 9/11 attacks, could not be opened from the outside. But in fact the new regulations created the very conditions allowing this tragedy to occur. Due to the sensitivity of the issue and the immense media coverage, everybody understood that doing nothing was not an option. This led to some obvious overreactions as to how to ‘solve’ the problem. The worst one I remember was the idea to build a toilet inside the cockpit, so a pilot would never have to leave.

Soon after the cause of the Germanwings crash became known, the European Aviation Safety Agency (EASA) issued a so-called Safety Information Bulletin (SIB 2015-04), recommending a ‘two person in the cockpit’ policy to operators. This recommended policy – which became ‘common practice’ – led to other concerns within the aviation community. Because how can you really prevent a suicidal pilot from crashing a plane? And how safe is it to open the cockpit door more regularly? The presence in the cockpit of a cabin crew member with no operational knowledge and a less robust background check will neither improve security nor safety. Besides, any new design or procedure that would enable the flight deck door to be opened from the passenger cabin would reduce the flight deck integrity significantly.

By Capt. Tom Walsh

The United States Transportation Security Administration has been in the news again lately, at least here in the USA. Unfortunately it’s not good news. Recent reports indicate that the wait times to clear security at many airports are becoming very excessive, in some cases more than two hours. Photos are appearing on the internet of lines snaking through terminals and out of sight. I’ve seen it myself in New York and Los Angeles recently. This is all before the busy summer travel season even begins and TSA officials are warning that the problem may get worse. By way of explanation, the TSA say they lost a few thousand employees in 2014 and have only replaced a few hundred of them. Emergency hiring plans and funding have been put in place but personally, I don’t believe it will make enough of a difference at this point. One would think that after 15 years, the TSA would know how to staff correctly.

Much more disturbing are other reports on the effectiveness of TSA screeners. In routine tests undercover federal agents at some major airports used prohibited items and simulated bomb components to test the effectiveness of TSA screeners. The ‘failure to detect’ rate in some of the tests was in the vicinity of an astounding 90%! I’m sure everyone would agree that with the amount of money we spend on aviation security, that number is totally unacceptable.

These statistics have led me to question if aviation security systems in the rest of the world are significantly better than the TSA. If the TSA can get it so wrong with all of the resources of the US government behind them, are airports outside the US significantly better in detecting prohibited items? In my job I travel all over the world and personally experience and observe aviation security systems in many countries. In general, I believe that aviation security is better outside the US, particularly in Europe and Asia and worse in some other areas. While aviation security outside of the US may be more effective, however, we cannot assume that it is of no concern. I’m convinced that prohibited or dangerous items are getting through the world’s screening checkpoints, with limited exception, and that the focus on liquids is one of the main reasons. When screening systems all over the world are focused on detecting ‘things’ instead of ‘intent’, failures such as we are seeing with the TSA must be expected.

It’s now been 15 years since the 9/11 attacks forever changed the face of aviation security. How many billions of dollars have been spent worldwide in the name of aviation security since then? How many more billions are spent each year? How many tonnes of perfectly harmless liquids are confiscated and destroyed in the name of a threat that was never going to happen according to intelligence services? Huge numbers to be sure.

As a pilot, what is perhaps most frustrating is that we spend so much money on methods offering very little protection, and we still have not yet fully mitigated the risk of a 9/11-style attack. We seem to have forgotten that the basic concept of those attacks was to gain access to the cockpit, kill the pilots and use the aircraft as a weapon of mass destruction. If you believe that style of attack could never happen again, you’re wrong.

Most people believe that reinforced cockpit doors have made the threat of a 9/11-style attack impossible. Unfortunately, that’s not true. The door is extremely effective but only when it is closed! On longer flights such as transcontinental or international flights, the door must be opened a significant number of times, for meal delivery, crew changes, lavatory breaks, etc. The flight deck door on a typical international flight opens between 9 and 20 times during each flight. When the door is opened, it is an access, not a barrier. It would take virtually no time to rush the cockpit, enter and possibly subdue or kill the crew. An attacker or attackers would not even need prohibited items. Effective weapons can be made from permitted items brought through security or acquired on board.

On 22nd March, two bombs detonated in the check-in hall of Brussels’ Zaventem Airport, causing a total of 14 fatalities, over 100 injuries and inflicting extensive damage to the building. Head of Security Operations Wilfried Covent elucidates the incident, the recovery operation and what the attack means for the future of security operations at the airport.

In the first minutes after the attack, a conversation occurred between myself and my colleagues to establish a plan of action. During those minutes, we also informed our CEO and the Operations Director of what had happened.

In the meantime, wounded people started to emerge from the terminal, some of whom were being carried out by others, including by security staff.
Soon, the first rescue teams – the fire department of Brussels Airport and medical services – started to arrive on site.

At this point I went outside, crossed the curb, and made my way through the victims to our main office building where our crisis centre is situated. We immediately decided to stop flight operations (departure and arrival), and to concentrate on the organisation of the rescue and evacuation of all people still present in the gate areas of the terminals.

The whole airport was declared ‘landside’, facilitating the emergency services entering airport premises, and making the evacuation more efficient. After a while, government representatives arrived to lead the official crisis management operation with all stakeholders involved.

The situation was now clear: there were two explosions in the landside area inside the terminal, inflicting significant fatalities, casualties, and destruction of the landside area of the terminal building. The nature of the explosions indicated a coordinated and planned terrorist attack. A total of fourteen people died, and over 100 people were badly injured. Our thoughts were – and will always be – with the victims, family, friends and relatives.

The Recovery Operation
Together with the police, we immediately started a complete review of all CCTV records, retrospectively reconstructing the scenario from the arrival of the three terrorists by taxi at the airport (around 07h32) until both explosions took place at either end of the terminal.

While watching the footage of the terrorists arriving, the reality of the situation became clear: there were three terrorists, each one probably carrying a bomb, but there had only been two explosions. Therefore, we concluded, it was likely that one terrorist had escaped leaving an unexploded bomb still in the terminal. We immediately informed the rescue and police services to evacuate the terminal and to keep a wide perimeter around the potential third bomb.

Once evacuation had been completed, military experts arrived on site and initiated a controlled explosion of the third bomb. This caused huge damage to the terminal, but fortunately caused no further injuries.

During the first few days after the attack, the airport was closed, both for departures and arrivals, and crisis management operations were underway 24-hours a day. It took just six days to build a temporary terminal, complete with check-in facilities, ticketing desks and a capacity of 800 passengers/hour, (the same capacity as a regional airport). This was an immense job, which could only be realised in such a short space of time by working closely with a dedicated and unified team.

On 22nd March 2016 special correspondent for the Georgian Public Broadcaster, Ketevan Kardava, was standing at the Brussels Airlines ticket desk at Zaventem Airport when two bombs detonated just metres away from her. In the minutes that followed, Kardava, miraculously unscathed, took twelve photographs of her fellow survivors, which were circulated internationally on social media and in the press. These iconic images quickly became synonymous with the terrorist attack on Brussels, and gave the world unparalleled insight into the nail bomb explosions and their victims. In an interview with Alexandra James, Kardava discusses her experience, the effect it has had on her since and the criticism she has received for taking the photographs.

“I was going to Switzerland, to Geneva, to cover Georgian-Russian international talks,” Ketevan Kardava explains during our conversation. “I missed the first flight. I was waiting for a call from my office and then I was trying to get some information about the second flight… It was just a chain of events which led to me being there at the time of the first explosion.”

On the morning of the 22nd March 2016, the departure hall of Zaventem Airport was crowded and bustling. Kardava recalls seeing people standing around, checking their flights and drinking coffee. Nothing seemed out of the ordinary, except perhaps for one thing: “When I looked to my right, I saw something black. It was a… I don’t know, a suitcase or some luggage. It was a bag and no-one was standing near it… I was thinking about it because the armed soldiers and police were walking around… When the police questioned me that day in the airport, I told them that maybe it [the device] was the suitcase.” I ask her whether they thought it was a possibility at the time. “It was possible, yes.”

We now know that the attacks were carried out by suicide bombers, but Kardava’s awareness of the unattended bag and the presence of armed soldiers and police serve to highlight the context of the attack and the prevailing tension in Brussels. Just four days earlier, Salah Abdeslam, a key player in the Paris attacks of November 2015, was arrested in Molenbeek, 11 miles from Zaventem Airport. For Ketevan Kardava, a journalist living in Brussels, this was all the more relevant: “The day before, I covered the Molenbeek story so these details were all around me… that’s why the first thing I thought was that it was a terrorist attack.”

The Brussels Airlines ticket desk where Kardava was standing was located directly in between where the two nail bombs were detonated. The closest (the second bomb) was just a few metres away. Fortunately, Kardava did not run from the site of the first explosion as this would have meant running directly towards the second bomb, which was detonated eight to nine seconds later.

“The second explosion was much stronger. The sound, the voice; I had never, never, never heard anything like it before.”
The explosions, which killed 11 people and injured over 100, left Kardava shaken but, incredibly, without injury.

“The most shocking moment for me was that I was standing and looking seconds before and there were so many people, and in one minute, less than one minute, I was looking in the same direction and… nobody was standing there. Nobody. Everything had changed.”

After the second explosion, Kardava tells me she ran to a photo booth where she sought shelter from debris falling from the ceiling. She spotted a Japanese woman nearby, uninjured but clearly in shock, who she dragged into the booth with her. “I think we were standing for maybe one minute, maybe one minute and a half. Everything was very quick. And then… we were waiting for the third blast.” Kardava had correctly assumed that there would be a third bomb but, fortunately, it failed to detonate and was later neutralised by the bomb squad after evacuation. While taking cover in the photo booth Kardava also assumed, fortunately incorrectly, that the bombs would be followed by gunfire: “Maybe terrorists will come with their Kalashnikovs and kill us,” she remembers thinking, “because everyone is talking about it…. we remember what happened in Paris.”

It was at this point inside the photo booth, precisely five minutes after the bombs had been detonated, in shock and believing that she was about to be shot, that Kardava reached for her iPhone and started to take the now all too familiar photographs that would illustrate to the world what occurred at Zaventem that morning.