By Gray Macfie
Security Leadership
Fellow, CITS
By all accounts,
the Pelindaba Research Facility in South Africa is a well-guarded facility,
boasting security measures that make it one of the more insulated HEU research
reactors in the nuclear industry.[1] Despite
such protective measures, on the night of November 7th 2007, a team
of four attackers was able to infiltrate the facility and remain inside for 45
minutes, shooting emergency services officer Anton Gerber in the chest before
ultimately leaving. As this four-man team was operating inside the facility, a
second team fired upon retreating security forces from outside the perimeter.[2] Although
no nuclear material was taken, the assault offers a unique opportunity to study
CBRN security culture. The break-in at the Pelindaba facility was made possible
not by a failure of physical measures, but instead by a lack of proper routines
and practices.
The attack began with a team breaching the fence, picking a spot located in a ravine so as to be out of sight of guards. One man used plastic clips to raise the fence and crawl underneath. Once inside he shut off power to the fence so that the rest of the men could enter. While this relatively well-coordinated security breach took place out of direct sight from guards and the road, the entire 20-minute procedure was caught on camera. However, no guards sounded an alarm, raising a concern from some that the attackers had inside help. [3] Simple routine procedures could have alerted security personnel to the assault. Had the cameras been properly monitored and the break-in reported, it is very likely that they assault on the facility could have been drastically mitigated.
Undetected, the team walked ¾ of a mile inside the perimeter, where they ultimately made it to the emergency control center. Emergency services officer Anton Gerber sounded the alarm after sustaining a gunshot wound to the chest. Gerber estimates that it should have taken approximately three minutes for backup to arrive from the nearby security office. Instead it took security forces 24 minutes to respond. The team ultimately fled, but not before beating Gerber with a metal rod.2
As is often the case, inadequate security culture can be traced back to before the incident took place. In the months leading up to the incident, the South African Department of Energy and Minerals reported a lack of adequate security measures at the facility. A 2006-2007 report shows 0% completion of prescribed design basis threat.[4] In a sense, DBTs are the paradigm of proper security culture. A properly implemented design basis threat would likely have proved invaluable to the security culture of the facility. It would have helped foster a preparedness that was lacking at the time of the assault.
The 2007 attack on the Pelindaba research facility was characterized by an inadequate and delayed response from security forces. As is the case with many security breaches, the human factor remains at the core of the break-in. The Pelindaba attack stands as a reminder to those working in the field of CBRN security that protective measures come not only in the form of alarms and fences, but in a pervading security culture of readiness and competence.
