Best practices for risk mitigation and mail threat detection

In today’s world, where socio-economic and political issues have lead to an increasing number of serious threats from foreign and domestic actors, ensuring workplace safety and physical security has become of paramount importance. 

Recent events surrounding the 2024 election, where controversial comments served to accelerate preexisting political divisions, highlighted by societal issues related to anti-Semitic hate crimes and amplified by major international conflicts between Russia-Ukraine and Israel and the Palestinians. These ongoing issues provide increasing motivation for all security professionals to adopt safeguards against mail-based threats including dangerous chemicals, explosives and letter bombs.

Overlooked areas of workplace security

Despite these growing threats, one of the most neglected aspects of workplace security is the lack of annual threat assessments and formal prevention policies for detecting letter bombs, chemical agents, and other hazardous materials. With the increasing use of the mail and package distribution systems to send harmful substances like fentanyl and other contraband, implementing advanced threat detection technologies, proper personal protective equipment (PPE), and structured security policies have become critical. Yet, these measures are often absent from traditional security programs, leaving millions of workers potentially at risk and vulnerable to incidents that can cause respiratory failure, blindness, or even death.

The rising threat of mail-based incidents

According to the 2023 Explosive Incident Report (EIR) by the Bureau of Alcohol, Tobacco Firearms, and Explosives (ATF) U.S. Bomb Data Center (USBDC), bomb threats and suspicious packages have risen significantly. There were 3,203 reported bomb threat incidents in 2023, marking a 26% increase from the previous year, alongside 6,284 suspicious package incidents, up 13%. In response, the Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to adopt Bomb Threat Management (BTM) plans as part of their security programs. Including a BTM plan in security assessments not only protects people and property but also minimizes disruptions and psychological trauma in the event of a threat.

Election Day threats

On Election Day, November 5, 2024, over two dozen polling sites across Georgia — primarily in the Atlanta area — were targeted with false bomb threats. The majority of these incidents occurred in Democratic-leaning counties such as DeKalb, Fulton, and Gwinnett, seemingly aimed at delaying voter turnout as police conducted precautionary bomb sweeps. The threats extended beyond Georgia, impacting over 50 polling locations across key battleground states, including Pennsylvania, Michigan, Maine, Ohio, Wisconsin, and Arizona. According to Cait Conley, election lead at the Cybersecurity and Infrastructure Security Agency (CISA), all earlier threats were determined to be non-credible.

In Georgia alone, police investigated at least 32 bomb threats at polling places, including locations such as churches, senior centers, community centers, and local libraries. County officials collaborated with law enforcement to execute thorough bomb sweeps, allowing voters to safely return and cast their ballots once the buildings were cleared.

Over 50 bomb threats targeting polling locations in battleground states, disrupting voting and requiring extensive police sweeps to ensure safety. While these threats were ultimately deemed non-credible, their impact highlights the ongoing need for vigilance and preparation. Beyond elections, politically motivated incidents continue to emerge, such as the November 2024 arrest of a man plotting to bomb the New York Stock Exchange and a series of bomb threats targeting schools and public institutions in Springfield, Ohio.

Geopolitical motivations

Prior to the Thanksgiving holiday 2024, several of Donald Trump’s cabinet nominees and picks for his White House team were targeted by bomb threats. According to several news outlets, the FBI said it was aware of “numerous bomb threats” as well as “swatting incidents,” in which hoax calls are made to attract a police response to the target’s home. Threats were made against at least nine people chosen by Trump to lead the Departments of Defense, Housing, Agriculture and Labor, as well as his pick for U.S. Ambassador to the United Nations, among others.

In late November 2024, U.S. law enforcement arrested Harun Abdul-Malik Yener, a Florida homeless man, on charges of planning to bomb the New York Stock Exchange. FBI documents revealed that Yener had stored bomb-making materials and had sought help from undercover agents to obtain explosives. He had expressed his intent to target the Stock Exchange, citing admiration for extremist figures. According to an FBI affidavit, Harun Abdul-Malik Yener, was allegedly recorded saying, “I feel like Bin Laden.” The arrest followed months of investigation triggered by a tip regarding suspicious activity.  

On September 12 through 15, 2024, Springfield, Ohio, experienced a wave of 33 bomb threats targeting schools, hospitals, and public buildings, leading to evacuations. The threats coincided with heightened political rhetoric from national figures, raising concerns about politically motivated disruptions.

Additionally in February 2022, Historically Black Colleges and Universities (HBCUs) faced 60 bomb threats during Black History Month. These threats, intended to intimidate and disrupt, led to campus evacuations and federal investigations. Whether a threat is real or a hoax, incidents such as bomb threats, fentanyl-laced letters, or suspicious packages containing harmful substances can have significant consequences. These threats disrupt organizational operations, create fear, and jeopardize employee safety. Proactive measures are essential to minimize risks and maintain business continuity

The role of proactive security measures

Employers in both the public and private sectors are legally obligated under the Occupational Safety and Health (OSH) Act of 1970 to ensure a safe workplace for employees and others. This includes identifying risks through formal assessments and mitigating hazards such as toxic chemicals, mechanical dangers, or unsanitary conditions. Leadership — including CEOs, COOs, real estate VPs, and facility managers — must prioritize safety.

With increasing mandates for employees to return to offices, proactive measures to address potential CBRNE (Chemical, Biological, Radiological, Nuclear, Explosive) threats are essential. The Bureau of Labor Statistics reported 169.8 million U.S. workers in 2022, with 35% in hybrid roles, highlighting the scale of potential exposure. Risk assessments must go beyond traditional approaches. Integrating CBRNE employee training and detection systems (including X-ray scanning, glove box equipment, and other technologies) into annual security protocols can enhance workplace safety.

Federal institutions like the Bureau of Prisons (BOP) have adopted stringent measures for mail screenings to prevent fentanyl and other contraband exposure. Proposed legislation, such as the Interdiction of Fentanyl at Federal Prisons Act, aims to curb drug-related incidents, as prison deaths from intoxication have risen by over 600% since 2001.

ECS has identified best practices where fentanyl has been sent in letters to prisoners. It’s essential that correctional center mailrooms and logistics operations, include NIOSH-approved, respirator masks, eye protection goggles, and approved NITRILE gloves to minimize skin contact when responding to any situation where harmful liquids, small amounts of fentanyl or other chemicals are suspected in letters or packages.

The devastating impact of undetected threats

The impact of letter bombs or suspicious packages on organizations can be devastating and far-reaching. Some of the key impacts include:

• Physical harm: Potential injuries or fatalities to employees, visitors and responders from explosions or hazardous materials.
• Property damage: Serious destruction to buildings, infrastructure and assets from explosive or chemical agents.
• Operational disruption: Evacuations and investigations disrupt business, education, events and essential public services.
• Psychological impact: Fear and anxiety can cause long-term trauma for individuals and communities.
• Erosion of trust: Public confidence in institutions may decline, harming reputations and morale in affected organizations.

Best practices for mitigating threats

• Early detection: Organizations should utilize advanced mail threat detection technologies, including T-ray terahertz imaging, millimeter wave scanners, glove boxes, and X-ray equipment. These tools enable early identification of threats, allowing rapid responses to protect people and assets. Initial investments in detection equipment may seem significant, but the potential costs of inaction are far greater. 
• Invest in deterrence: The development of advanced security policies combined with awareness posters from (US Postal service and CISA) and investments in detection systems can deter bad actors from exploiting mail and package distribution networks to succeed in malicious threats.
• Enhanced security: Demonstrating a commitment to safety through these technologies fosters trust and ensures public confidence in risk mitigation strategies, benefiting corporations, government agencies, and educational institutions.

The consequences of inaction

For security leaders, the long-term cost of failing to address these critical areas can be devastating.  Major risks include workplace and employee safety, damage to property, potential operational disruptions, psychological trauma, and reputational harm. The financial burden of responding to incidents, loss of productivity, and damage to property and reputation can outweigh the cost of preventative measures. A recent report estimates the total cost of these threats can run an organization upwards of $500 million dollars or more.