At this year’s Academy Awards, director Martin Scorsese finally secured his long overdue Oscars for Best Director and Best Picture with “The Departed,” a murderous mob adventure film. The Oscars, along with February’s National Conference on Cultural Property Protection, which I attended, reminded me about “Topkapi,” the 1964 adventure art heist film centered on stealing a jeweled dagger from Istanbul’s Topkapi Palace Museum. Film buffs recall that Peter Ustinov won the 1964 Academy Award for Best Supporting Actor as an accomplice to the heist, and co-starred with Melina Mercouri. Those who missed the original can look for the remake, “The Topkapi Affair,” starring Pierce Brosnan, due out in 2007.
The dearth of art theft films in recent years doesn’t mean that the threats are diminished – or that there aren’t intriguing stories of art heists and museum security breaches just waiting to be written for the silver screen. Many of these art capers have all the ingredients for a great action film. With a proposed $160 million, 80,000-square-foot movie museum complex in Hollywood for the Academy of Motion Picture Arts and Sciences, which gives the Oscars, the convergence of art, architecture, film, security, and on-screen adventures could reach new dimensions.
Cultural arts facilities need protection from theft, intrusion, fire, vandalism, terrorism, and other disasters. Many incidents concerning looting, theft, illegal export and import, and illicit trafficking of cultural property such as artifacts, artwork, rare books, and antiquities, are documented annually around the world. The Museum Security Network (www.museum-security.org) provides a global overview of security breaches relating to artwork and artifacts.
Inside Jobs are Common
On Feb. 28, 2007, two Picasso paintings, worth $66 million, were stolen from the Paris home of the artist’s granddaughter while she was asleep in her house. Media reports said the theft appeared to be the work of professionals, because the home’s alarms were neutralized and there were no signs of a break-in. The alarm was blocked, indicating the thieves had the code or keys.
One of the most infamous art heists was the March 1990 theft of $300 million worth of paintings from the Isabella Stewart Gardner Museum outside of Boston, which remains unsolved. Rumor has it that the theft occurred while the facility’s security personnel were at an out-of-town security conference, lending credence to the theory that the heist was an inside job, which wouldn’t surprise industry experts.
“85 percent of all museum thefts are internal,” says cultural property security consultant Steven Keller, CPP, of Steven R. Keller and Associates, Ormond Beach, FL. “When work in the museum occurs after hours when guards are not present, contractors pose a serious risk, as do cleaning crews. Cleaners often clean when guards are still in night mode (one guard is in the control room and another is on a distant patrol, but not overseeing activity by cleaners). This is such a pervasive problem that it is rarely addressed by some museums – particularly those in mixed-use facilities, like colleges, which get services from a central facility operation responsible for many buildings. The solution is to have guards present or to clean galleries and collection-bearing areas when they can be attended by staff. In no case should cleaners be able to let themselves in to clean while unattended. The same holds true for building engineers who may need to work alone, such as on campus facilities,” Keller says.
Monitoring personnel and daily operations are only one aspect of museum and cultural property security. Technology plays a vital role, especially since most museum thefts are internal. “Burglar alarms are not the only solution. Closed-circuit television (CCTV) systems serve as deterrents to internal and external thefts. Object-protection systems, such as alarms on each work of art or display case, are very useful and valuable, but it is almost impossible to alarm everything, if not [due to technical reasons], than due to budgets. However, many IT departments want control of digital CCTV systems. Security-system control must remain with the security department. If these systems become too complex, the security or facility manager needs to educate themselves on computer systems and employ their own expert on staff to maintain the systems,” Keller adds.
Many security systems are conveniently integrated; the trend is toward convergence of technologies on one computer system. But, this does not provide good security, Keller contends. “Security systems need to be on their own network, isolated from hackers and other threats. Even if the network is secure, people are lazy and fail to protect passwords. The next billion-dollar museum heist will be undertaken by an IT professional who has access to the security system via the network and is the one person who can cover his tracks entirely! The alarm and access-control system should be on a separate network from other computers. Ideally, removing CD drives and excess USB ports from PCs on the network to isolate them from viruses and hackers should be considered,” he says.
According to Keller, CCTV systems may be useful if on the building-wide computer network so that the images can be viewed from the desktops of other non-security people who have a need to view them, such as curators, facility personnel, or catering staff. Object-protection systems need their own network and should never share the regular alarm-system network, since one virus can kill them all. Intruders don’t need to kill a security system; they just make it “burp” for the few seconds they need to open a door and remove an item. This could easily be achieved in many museums due to a lack of network security.
“It’s easier to rob a museum today undetected than at any time in the past. I can duplicate smart cards and card keys, read RFID tags, hack networks, and easily get a virus onto most museum security systems. About half the museums in the United States use digital dialers rated by the Underwriters Laboratory (UL) as unprotected (formerly Grade C) to send their signal to the central station. I’ve demonstrated how easy it is to buy from the Internet all the tools needed to jam alarm-system cellular dialers and phone systems used to carry alarm signals. All this exotic technology is fine, but we need to get back to basics and pay attention to guards, training, procedures, supervision, and patrols,” Keller observes.