Boston Bomber slipped past while spelling glitch tripped up the law

Filed Under: Featured, Law & order

Russia warned the US that Boston Marathon bomber Tamerlan Tsarnaev was a violent radical Islamist more than a year and a half before the April 2013 bombing, but he slipped past border guards on multiple trips undetected because someone had misspelled his last name in a security database.

Boston Marathon bombing suspectsUS officials had said as much in the days following the bombings, and now it's been confirmed in a House Homeland Security Committee report (PDF) released on Thursday.

The explosions killed 3 spectators and injured 264 others. After their photos had been publicised, the suspects also allegedly shot and killed a police officer from the Massachusetts Institute of Technology during their attempt to escape.

The newly released report confirms and gives context to officials' statements about the misspelled name in the days following the bombings.

US officials at the time had told Associated Press that Tamerlan Tsarnaev, who was killed in a shootout with the police, had been added to a huge classified database of known and suspected terrorists 18 months prior to the bombings.

In fact, the Russian intelligence service FSB - successor to the KGB - twice requested in 2011 that the FBI and the CIA keep an eye on Tsarnaev and let them know if he traveled back to Russia, given possible links to extremists in his ancestral home in Russia's North Caucasus.

The FBI did, in fact, assess Tsarnaev to determine if he posed a terrorist threat, but it didn't find any evidence of terrorist activity. The Boston FBI case agent did, however, set up a record for Tsarnaev indicating that border patrol should notify him if Tsarnaev traveled internationally.

In spite of that, Tsarnaev subsequently traveled internationally multiple times without any warning flags getting through to the FBI agent. Investigative reports have varied on what Tsarnaev did while he was traveling, with some evidence pointing to his being radicalized during his trips.

How did he slip through without being detained and without the FBI agent being notified of his travel? As it is, the report says, there's a lack of documentation regarding who was notified, when or how, or what alerts were shared between agencies.

The House Homeland Security Committee says it doesn't want to point fingers in the wake of the tragic bombings.

It does, however, point out "systemic weaknesses" uncovered in its investigation, including:

  • Insufficient cooperation and information sharing between federal law agencies and local law enforcement;
  • Limited communications between federal agencies;
  • Inadequate resources for screening outbound travelers of interest; and
  • Failure to amend inaccurate or incomplete records held by various agencies.

That last item should ring a bell with anybody who deals with databases.

It boils down to the old computer science maxim: garbage in, garbage out, regardless of how sophisticated and gluttonously data-trawling are the databases in question.

In fact, the report says, the alerts that went up regarding Tsarnaev's movements weren't identical. Specifically, the spelling of his name and the date of his birth were inaccurate, resulting in the lack of a match in the Terrorist Identities Datamart Environment (TIDE).

That database is the country's central repository of some 745,000 known or suspected international terrorists.

In records provided to the committee, an alert entered on 20 October 2011 spelled his last name as "Tsarnayev" and knocked a year off his age.

That alert specifically requested that officials who encounter Tsarnaev "escort [him] to CBP [US Customs and Border Patrol] secondary and detain is mandatory whether or not the officer believes there is an exact match."

From the report:

Because the two … alerts on his name were not identical, and because the [Terrorist Screening Database] record for him was incomplete and inaccurate, Tamerlan Tsarnaev did not receive a secondary examination as he returned to the United States from Russia. Given his interest in jihadist materials, it is possible CBP officials might have found something in his possession that would have revealed the threat he posed. This lack of communication represents a failure to proactively share information that could potentially save lives. Indeed, any further scrutiny upon Tamerlan Tsarnaev's return from Russia might have prevented the bombing if it revealed evidence of his radicalization or of ties to terrorism.

One of the committee's recommendations is that agencies comply with the rules that are already set up around data quality, which would have ensured that they include all identifying information when they nominate names for terrorist databases - not just one version of a name, but all versions, for example.

In fact, in August 2013, the CBP and the National Counterterrorism Center agreed to improve data sharing and "record enhancement" efforts related to the terrorist watchlist. Most particularly, the agencies, along with the Terrorist Screening Center, are now able to automatically transmit data.

Hopefully, that should help to reduce the garbage in part of the equation, if not definitively stop a terrorist act.

Robert Mueller, FBI director at the time of the bombings, has testified before Congress that even if the law had known about Tsarnaev's travels, even if agencies had shared information and all the alerts had been triggered correctly, nothing would have changed.

The bombings would still have taken lives and maimed hundreds.

Could the attack have been prevented with better communication and accurate data input?

It's a tough question to answer, the report concludes, but it shouldn't keep us from asking.

, , , , , ,

You might like

4 Responses to Boston Bomber slipped past while spelling glitch tripped up the law

  1. AgLab · 560 days ago

    Well if you make the haystack so big, don't be surprised if you can't find the needle!

  2. gmd · 560 days ago

    Now they have tightened things up, I feel sorry for anyone who has a similar name and age to anyone on the database:P

  3. Anonymous · 560 days ago

    FYI --- this is an out and out lie...the database uses an algorithm that returns matches and partial matches on any and every piece of data entered ANY even partial return at this subjects level would have resulted in further scrutiny and automatic notifications to multiple agencies...if you read the full report there are many instances of "communication breakdowns" that are not explained... these people are just covering up the fact that they messed up and messed up huge...

    • etMoi · 559 days ago

      Thanks anon, it didn't sound right! I still remember the stories of the 4 year old who wasn't allowed to fly because he had the same name as someone who had been flagged….someone obviously decades older. I doubt one year and one letter off (especially since Russians don't use the same alphabet!) could have been the issue. As always - it's people not doing their jobs!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.