|
Volume 21 — Issue 4 | January 28, 2021 |
|
|
The National Transportation Safety Board (NTSB) released a report, Safety Risks to Emergency Responders from Lithium-Ion Battery Fires in Electric Vehicles (Safety Report 20/01) in November 2020 with outcomes from investigations into several incidents involving electric vehicle fires. This month, the NTSB released safety recommendations, based on the findings of Safety Report 20/01.
Safety issues with high-voltage, lithium-ion batteries used in electric vehicles first gained widespread attention when a Chevrolet Volt caught fire three weeks after a crash test in May 2011. Challenges for responders remain, due to lack of standardized emergency response guidance for incidents involving electric vehicles with high-voltage batteries.
The NTSB created a short video on the safety risks to responders, which summarizes the findings of Safety Report 20/21. The electric vehicle incident investigations discovered three key safety risks: thermal runaway, stranded energy, and battery reignition.
In the full report, the NTSB calls on the National Highway Traffic Safety Administration and electric vehicle manufacturers to provide standardized, vehicle-specific guidance for emergency responders in addressing the implications of these safety risks for fire suppression, mitigation, and safe storage.
The NTSB also recommends that organizations concerned with emergency responder safety inform their members about the circumstances of the fire risks described in the report and the guidance available to emergency personnel who respond to high-voltage lithium-ion battery fires in electric vehicles.
The full Safety Report 20/21 is available on NTSB’s website.
(Source: NTSB)
Jurisdictions establish Emergency Operations Centers (EOC) to meet their unique requirements and needs, so no two EOCs are designed exactly the same. FEMA has released an Emergency Operations Center Toolkit with updated resources for building and maintaining EOCs, in accordance with the National Incident Management System (NIMS).
The EOC toolkit includes:
- A template for an EOC Period Briefing.
- Training exercise instructions and resources for creating Position Task Books from EOC Skillsets, for EOC leaders to become familiar with EOC skillsets and to practice building position qualifications based on organizational needs.
- Guidance for healthcare professionals for coping with stress and compassion fatigue.
- Guidance for disaster responders on preventing and managing stress.
The EOC Toolkit was developed as a concerted effort by FEMA, emergency management stakeholders and subject matter experts representing FEMA, the Department of Health and Human Services and state and private sector partners.
To download the EOC Toolkit as well as other EOC resources developed in accordance with NIMS requirements, visit FEMA’s NIMS Components page.
(Source: FEMA)
|
|
|
The COVID-19 pandemic has made for a very active year for healthcare and emergency medical services. The Assistant to the Secretary for Preparedness and Response (ASPR) has released a digest of all resources developed in 2020 for the healthcare and public health sector stakeholders, within its Technical Resources, Assistance Center, and Information Exchange (TRACIE), including seven topic collections related to the COVID-19 pandemic. This is a concise overview of products created in 2020 which will continue to be relevant to the global response to the COVID-19 pandemic in 2021.
As planning and rollout for the COVID-19 vaccine continues, emergency managers, planners and emergency medical personnel may also be interested in the COVID-19 Vaccine Resource Topic Collection created by ASPR TRACIE. The Vaccine Resources collection focuses on vaccine-specific plans, tools, templates and other immediately implementable resources to help with COVID-19 preparedness, response, recovery and mitigation efforts.
(Source: TRACIE)
Due to circumstances surrounding COVID-19, the United States Fire Administration (USFA) has announced that the open application periods for acceptance into the National Fire Academy's Managing Officer Program and Executive Fire Officer Program are suspended. The National Fire Academy (NFA) will resume taking applications for these programs in January 2022 for acceptance into the programs beginning in fiscal year 2023 (October 2022 – September 2023). Students who applied in 2020 will not be affected.
Although many training opportunities offered by the NFA have been postponed or cancelled due to circumstances surrounding COVID-19, the USFA has announced that the NFA is now accepting applications for course vacancies. A complete list of NFA’s vacancies for courses currently being offered in 2021 is now available and is updated every Monday and Thursday. Course vacancies include both resident and online-mediated offerings.
Those interested in applying for any of these courses should review the selection criteria and prerequisites in the flyer for the course they wish to apply for, then submit a General Admissions Application. You can find instructions on how to apply for courses by visiting the National Emergency Training Center (NETC) Online Admissions Application page. Applicants should not make plans to participate in any course until you have been notified in writing by the NETC Admissions Office. Refer to the NFA’s application period updates page for the most current information.
(Source: USFA)
|
|
CISA launches campaign to reduce the risk of ransomware
In January 2021, the Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat. Ransomware is increasingly threatening both public and private networks, causing data loss, privacy concerns, and costing billions of dollars a year.
In this campaign, focused particularly on supporting COVID-19 response organizations and K-12 educational institutions, CISA is working to raise awareness about the importance of combating ransomware as part of an organization’s cybersecurity and data protection best practices. Over the next several months, CISA will use its social media platforms to iterate key behaviors or actions with resource links that can help technical and non-technical partners combat ransomware attacks. CISA has established a new one-stop resource at cisa.gov/ransomware.
(Source: CISA)
More cybersecurity firms confirm being hit by SolarWinds hack
Two more companies have emerged in the SolarWinds breach, claiming that they were targeted by the same threat actor that breached the IT management solutions provider SolarWinds. The attack was a sophisticated supply chain hack that eventually went on to install backdoors in United States agencies’ systems. Experts believed that the incident might be related to the SolarWinds breach, which affected Microsoft as well. On Tuesday, researchers confirmed that the certificate theft was carried out by the same Russian hackers as the SolarWinds software compromise. The threat actor was able to exfiltrate encrypted service account credentials created by United States and United Kingdom customers.
(Source: OODA Loop)
CISA releases Malware Analysis Report regarding SUPERNOVA
On January 27, 2021, CISA released a Malware Analysis Report (AR21-027A) providing a detailed analysis of several malicious artifacts affecting the SolarWinds Orion product, which have been identified by the security company FireEye as SUPERNOVA. According to a SolarWinds advisory, SUPERNOVA is not embedded within the Orion platform as a supply chain attack; rather, it is placed by an attacker directly on a system that hosts SolarWinds Orion and is designed to appear as part of the SolarWinds product. CISA's assessment is that SUPERNOVA is not part of the SolarWinds supply chain attack described in Alert AA20-352A.
(Source: CISA)
Multiple vulnerabilities in Apple products could allow for arbitrary code execution
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Here is the list of affected products:
- tvOS is an operating system for the fourth-generation Apple TV digital media player.
- watchOS is the mobile operating system for the Apple Watch and is based on the iOS operating system.
- iPadOS is the successor to iOS 12 and is a mobile operating system for iPads.
- iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.
- Xcode is an integrated development environment (IDE) for macOS.
For recommended actions to address these vulnerabilities, see the MS-ISAC’s Advisory 2021-015.
(Source: MS-ISAC)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites or the information, products or services contained therein. Reference to any specific commercial products, process or service by trade name, trademark, manufacturer or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the EMR-ISAC or the U.S. government.
|
|
|
|
|
