View as a webpage / Share

Volume 21 — Issue 1 | January 8, 2021

DHS S&T’s Master Question List for COVID-19 offers scientifically informed guidance for government decision-makers

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has aggregated a Master Question List for COVID-19, offering scientifically informed briefs in response to the most common public health questions about what is currently known about COVID-19, and what additional information is still needed. The information is intended for use by those with a non-medical, non-scientific background, but is also rigorously cited by the most current publicly available scientific studies. This resource will be useful to government decision-makers and anyone involved in the operational response to COVID-19.

The first iteration of the DHS S&T Master Question List (MQL) was released to the public on December 21, 2020. A selection of the questions discussed in the current version include:

• Transmissibility – How does it spread from one host to another? How easily is it spread?
• Incubation Period – How long after infection do symptoms appear? Are people infectious during this time?
• Clinical Presentation – What are the signs and symptoms of an infected person?
• Protective Immunity – How long does the immune response provide protection from reinfection?
• Non-pharmaceutical Interventions (NPIs) – Are public health control measures effective at reducing spread?
• PPE – What PPE is effective, and who should be using it?
• Forecasting – What forecasting models and methods exist?

This document will be periodically updated with the latest information. Check back for future updates to the DHS S&T’s Master Question List for COVID-19 webpage. For the latest public health information on COVID-19, consult the Centers for Disease Control and Prevention.

(Source: DHS S&T)

First Responder’s Toolbox on VBIED Preparedness, Recognition and Response

The recent bombing in Nashville, Tennessee on Christmas morning was the result of an explosion reportedly detonated from a recreational vehicle parked in front of an AT&T building in downtown Nashville.  Prompt action by local police to evacuate building occupants prior to the explosion prevented fatalities. The high potential for loss of life and property in these types of incidents highlights the importance of first responders’ preparedness.

The Joint CT Assessment Team (JCAT) has developed a First Responder’s Toolbox on Vehicle Borne Improvised Explosive Device (VBIED): Preparedness, Recognition, And Response. This is a comprehensive resource for first responders to increase VBIED awareness to aid in preparedness, recognition, and response. It includes:

• A historical overview of the ten VBIED incidents occurring on United States soil since 2010.
• Specific VBIED tactics, concerns and key safety considerations.
• Lists of pre-incident indicators observable on the vehicle itself, as well as other indicators and behaviors related to the vehicle.
• A 3D model of evacuation distances based on explosive capacity.
• Several checklists for use in standard operating procedures for ongoing duties, facility protection, special events and on-scene response to an incident involving a VBIED.
• An incident planning tool sheet, including charted ranges of evacuation distances by explosive capacity and references for additional information.

First Responder Toolboxes are developed by the Joint CT Assessment Team (JCAT) and hosted by the Office of the Director of National Intelligence (ODIN). You can view the archive of the First Responder Toolboxes at ODIN’s First Responder Toolbox page.

(Source: ODIN)

Highlights

DHS S&T’s Master Question List for COVID-19 offers scientifically informed guidance for government decision-makers

First Responder’s Toolbox on VBIED Preparedness, Recognition and Response

DHS’s Blue Campaign recognizes National Human Trafficking Awareness Day on January 11

National 911 Annual Report released

Cyber Threats

The U.S. Fire Administration operates the Emergency Management and Response – Information Sharing and Analysis Center (EMR-ISAC).

For information regarding the EMR-ISAC visit www.usfa.dhs.gov/emr-isac or contact the EMR-ISAC office at: (301) 447-1325 and/or fema-emr-isac@fema.dhs.gov.

DHS’s Blue Campaign recognizes National Human Trafficking Awareness Day on January 11

DHS’s Blue Campaign is a national public awareness campaign, designed to educate the public, law enforcement and other industry partners to recognize the indicators of human trafficking, and how to appropriately respond to possible cases. The Blue Campaign works closely with DHS Components and leverages partnerships with the private sector, Non-Governmental Organizations (NGOs), law enforcement, and state and local authorities to prevent human trafficking and protect exploited persons.

National Human Trafficking Awareness Day is recognized each year on January 11th. On this day, the Blue Campaign asks people to take photos of themselves and others wearing blue and to post these photos on social media using the hashtag #WearBlueDay.

In addition to promoting public awareness and engagement, the Blue Campaign also provides a robust set of resources and educational materials for law enforcement to help them recognize the indicators of human trafficking when they are encountered. These resources help those in law enforcement focus on serving and protecting the most vulnerable populations. In October of 2020, the Blue Campaign offered a pocket-sized card that campus law enforcement and safety officials can carry with them, providing the indicators of human trafficking as it relates to college students and campuses. The Campaign also offers a two-page fact sheet for law enforcement about immigration relief options for victims of human trafficking.

These and many other resources are available at the Blue Campaign’s website.

(Source: Blue Campaign)

National 911 Annual Report released

The National 911 Program recently released its 2020 National 911 Annual Report, in collaboration with the National Association of State 911 Administrators (NASNA), covering data gathered in the 2019 calendar year. This report provides current and comprehensive state 911 data, voluntarily submitted by states and territories about their own systems.

The report will be of interest to any personnel working in 911 call centers as well as senior staff in emergency management, law enforcement, fire and EMS who may use this data for analysis of their own 911 capabilities for budgeting and planning purposes. The report’s data can help answer key questions, such as:

• How many of each type of 911 calls are answered per year?
• How many primary and secondary public safety answering points (PSAPs) does a specific state have?
• Which states provide Emergency Medical Dispatch and follow a specific formal protocol?
• In which states are there minimum training requirements for telecommunicators?
• How far along are states in the procurement process for specific NG911 parts, functions and components?
• What is the progress toward NG911 in each state?

The National 911 Program’s State of 911 webinar series will be discussing this report as part of an upcoming webinar on January 12, 2021, from 12:00 p.m. to 1:00 p.m. EST. Registration for this webinar is required, however, if you can’t participate, webinars in this series are recorded and posted publicly at the State of 911 Webinar Series page.

(Source: 911.gov)

Cyber Information and Incident Assistance Links

MS-ISAC
SOC@cisecurity.org
1-866-787-4722

IdentityTheft.gov

IC3

Cybercrime Support Network

General Information
Links

FTC scam list

CISA alerts

Law Enforcement Cyber Center

TLP Information

Latest CISA guidance and directives on SolarWinds Orion software supply chain compromise

The Cybersecurity and Infrastructure Protection Agency (CISA) released another Joint Statement on January 5, along with the Federal Bureau Of Investigation (FBI), the Office Of The Director Of National Intelligence (ODNI), and the National Security Agency (NSA). The statement officially acknowledges that the incident is “likely Russian in origin” and likely “an intelligence gathering effort.” Approximately 18,000 customers of the Solar Winds’ Orion product are impacted, but a much smaller number have been compromised by follow-on activity. CISA is identified as the lead agency for asset response and is focused on sharing information about this incident quickly with government and private sector partners.

The significance of this breach has compelled many government agencies to take immediate mitigation measures. CISA has released a CISA Insight, offering concise guidance to leaders of any organization impacted, entitled What Every Leader Needs to Know About the Ongoing APT Cyber Activity.

Microsoft has also been assisting with this cyber incident. Microsoft has created the Solorigate Research Center for information and resources on the SolarWinds compromise.  This information may be useful to IT administrators who are mitigating this cyber incident in their organizations. Microsoft’s blog, Using Microsoft 365 Defender to protect against Solorigate, will also be of interest to cybersecurity professionals.

Visit CISA’s website for the latest official directives and guidance on this significant and ongoing cyber incident.

(Source: CISA)

Recent swatting attacks target residents with camera and voice-capable smart devices

The Federal Bureau of Investigation (FBI) issued this public service announcement to warn users who own smart home devices with cameras and voice capabilities to use complex, unique passwords and enable two-factor authentication to help protect against “swatting” attacks. Swatting is a term used to describe a hoax call made to emergency services, typically reporting an immediate threat to human life, to draw a response from law enforcement and the S.W.A.T. team to a specific location.

Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks. Smart home device manufacturers recently notified law enforcement that offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities. The offenders then log into the smart device and hijack features, including the live-stream camera and device speakers.

(Source: Security Week)

Ten benefits of running cybersecurity exercises

There may be no better way to ascertain your organization's strengths and weaknesses than by running regular security drills. While most organizations understand the need to build defenses and develop policies to reduce the risk and potential impact of a successful cyberattack, many fail to rigorously test those defenses.

Cybersecurity exercises are simulations of specific cyberattack scenarios that organizations can play through to put their defenses to a real-world test. Organizations can gain valuable insights into what their real-world response capabilities to such an attack would be. Consider these ten opportunities for achieving greater resilience to cyberattacks that can come from practicing these types of exercises as an organization:

1. Identify your strengths.
2. Improve your response.
3. Train people.
4. Define costs and timescales.
5. Determine external needs.
6. Collect metrics.
7. Identify your weaknesses.
8. Update your policies.
9. Find non-compliance risks.
10. Increase threat awareness.

(Source: DarkReading)

Declaring war against cyber negligence

The recent significant cyberattack involving federal government networks first disclosed in December 2020 by FireEye highlight how critical it is that American businesses and government agencies alike take a drastically different approach to cybersecurity.

Cybersecurity professionals need to shift their focus from “indicators of compromise” to data protection, which will limit how widespread the impact of these vicious digital attacks can be. It is far easier for cybersecurity manufacturers to deliver services from their own cloud. It may be less expensive for the vendor but relying on a “trusted 3rd party” for your security is a foundational vulnerability that has been proven to be disastrous for the customer. Firewalls, antivirus and network monitoring tools still have their place, but a shift must be taken to provide more independence between the owner of data and its protectors.

(Source: ehackingnews)

The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures.

Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.

Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites or the information, products or services contained therein. Reference to any specific commercial products, process or service by trade name, trademark, manufacturer or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the EMR-ISAC or the U.S. government.