How Mail Bombs Get Intercepted—And What Happens Next

Credit to Author: Brian Barrett| Date: Wed, 24 Oct 2018 18:06:20 +0000

This week, apparent explosive devices have targeted the mailboxes of former President Barack Obama, former Presidential candidate Hillary Clinton, philanthropist George Soros, and cable news network CNN. Additional reports of suspicious packages have continued to emerge Wednesday, and the situation is still developing. What all of the attempts have in common—aside from prominent liberals as intended recipients—is that they so far have been intercepted before they could cause any damage.

In the Soros case, authorities reportedly believe that the bomb was hand-delivered, rather than going through a parcel service; a caretaker discovered it and contacted authorities, who detonated it safely. The other devices, though, appear to have been caught in advance of their final destination by standard screening processes.

“The US Secret Service has intercepted two suspicious packages addressed to Secret Service protectees,” the agency said in a statement on Wednesday, referring to the packages addressed to Clinton and Obama. “The packages were immediately identified during routine mail screening procedures as potential explosive devices and were appropriately handled as such. The protectees did not receive the packages, nor were they at risk of receiving them.”

A third suspicious package, meanwhile, was found in the mailroom of the Time Warner Center, where CNN is headquartered. In a press conference Wednesday, NYPD Commissioner James O'Neill said the package contained an explosive device, and that additionally there was an envelope with white powder, which is being investigated. Further reports have indicated that congresswoman Maxine Waters, among others, had also been sent suspicious packages. New York Governor Andrew Cuomo stated at a press conference that "a device" had been sent to his office as well, but the NYPD confirmed to WIRED that the package was "deemed to be non-suspicious."1

While the Secret Service and CNN have not commented further, the mail screening that sniffs out potential explosives—not to mention biochemical threats—follows fairly standard protocol.

"Depending on device construction, some people have a signature."

Michael O'Neil, MSA Security

First, there are some common warning signs, according to guidelines from the US Postal Inspection Service, which says it has investigated “an average of 16 mail bombs over the last few years.” Parcels that have excessive postage, for instance, suggest that the sender has sought to avoid direct contact with postal employees at a local branch. The USPIS suggests, too, that mail bombs tend to specify “personal” or “private” delivery, often in distorted handwriting or homemade labels, the latter an attempt to avoid creating evidence. They also may just look weird, with an unusual shape or even protruding wires or oil stains. NBC News posted an image of the purported package sent to CNN, which appears to check many of those boxes.

When contacted by WIRED, the USPIS declined to detail its investigative procedures and operational protocols, citing security concerns. But it does have a system in place. “The Postal Inspection Service has organized response teams nationwide for investigating suspicious parcels through our Dangerous Mail Investigations Program,” the agency said in a statement. “DMI Inspectors are trained to recognize the common characteristics of suspicious mail and are highly proficient in the use of state-of-the-art equipment to include portable X-Ray machines.”

Even packages with no exterior giveaways can be fairly straightforward to sniff out, says Michael O’Neil, former commanding officer of the NYPD counterterrorism division—especially for private screening services, like a company or the Secret Service.

“What’s common in a lot of corporate structures, here in New York City especially, there’s some type of mail service that does some type of screening. Primarily that’s an x-ray machine; they’ll put a package through before it gets up to its intended addressee,” says O’Neil, who currently is the chairman of MSA Security, a private threat protection company whose offerings include explosive screening services. If an x-ray operator sees something suspicious, for instance, they can send the image to MSA Security, whose bomb technicians will help evaluate the threat.

That’s the broad strokes; in practice, the rigor of the screening depends on a given company’s perceived level of threat. Some companies may prefer for the screening process to happen at an off-site location, for instance, both to maximize security and also minimize the financial impact that comes with having to evacuate a building in the event that a suspicious package does surface. Some might choose to screen packages for specific recipients; others may look at every incoming parcel. O’Neil says that certain companies even add bomb dogs to that mix, specially trained canines who can sniff out the odors of common explosives components. Any mail that goes to the US Capitol Complex, or to people under Secret Service protection, automatically gets screened at an offsite location before being routed to its final destination.

In a press conference held by the New York City Mayor, New York Governor, and the NYPD Wednesday, officials said that so far the devices all appear to be pipe bombs.

“It’s a commonly used explosive device. It’s the simplest to prepare,” says O’Neil. It’s also relatively easy to catch. “This would show up clearly. The organic compound of this, it just shoots out on an x-ray, trust me. X-ray machines now are pretty sophisticated. It’s not a black and white image, like the old days. It’s a color image. And that color is organic compounds that teach you different things as a screener. You’ll also see the pipe, the metal. You’ll see the switch, the wires. At that point they’ll say they’ve got a suspicious device here.”

O’Neil notes that many of these packages are designed to go off when someone opens them, making a screening process all the more vital. Heading the packages off at the pass should also help with the investigation into who exactly delivered them, although there’s not a precise roadmap. It starts, though, with careful analysis of the device.

"Even packages with no exterior giveaways can be fairly straightforward to sniff out."

"The incident here today [at Time Warner Center], once the package was discovered, emergency service was notified. They called the bomb squad. The bomb squad was able to safely remove a device contained in that package using the Total Containment Vessel, the TCV, or in simple terms 'the bomb truck,'" said John Miller, NYPD deputy commissioner of intelligence and counterterrorism, at Wednesday's press conference. “FBI special agent bomb technicians will work with our people on how to get it to the next stop, which should be the FBI lab, so all of this evidence can be examined together.”

That initial investigation can yield any number of clues.

“You try to track the parcel, obviously, see if you can get any latent prints off the package itself. Depending on device construction, some people have a signature with that, they do it a certain way,” says O’Neil. And from there, it comes down to good old-fashioned detective work.

Take the recent case of Mark Anthony Conditt, who allegedly terrorized the city of Austin, Texas with a series of mail bombs this spring before taking his own life with an explosive. While investigators said they had gleaned DNA and fingerprint evidence from the packages themselves, what ultimately tipped them off was a combination of cell-tower location data and surveillance video from a local FedEx store.

Plenty of important questions still remain around this round of mail bombs, primarily who sent them and why. But thanks in part to the packages being intercepted before reaching their targets, at least investigators will have plenty to go on.

1 UPDATE 10/24/18 2:41PM ET: This story has been updated to reflect that the package Governor Cuomo referred to was not in fact suspicious.

https://www.wired.com/category/security/feed/