Volume 21 — Issue 9 | March 4, 2021
While the National Transportation Safety Board (NTSB) encourages air medical transport operators to ensure safety is a priority, even beyond what is currently required by FAA regulations, it also has recommendations to emergency responders when requesting air medical transport to ensure safe operations and support an overall safety culture.
The NTSB has long advocated for the adoption of safety management systems (SMSs) in all flight operations. The implementation of SMSs for all aircraft flight operations was on the NTSB’s Most Wanted List of Transportation Safety Improvements for 2019-2020. SMSs force operators to evaluate their risks, as well as their pilots’ skills and flight behavior.
However, under the Federal Aviation Administration’s regulations, on-demand operators like emergency air medical transporters are not required to adopt the same safety program criteria as scheduled flight operators, such as those for commercial airlines. For this reason, air medical flight operators are not yet required to have an SMS in place, although some air medical transport operators may have implemented SMSs voluntarily.
A recent article from ICHIEFS, the official magazine of the International Association of Fire Chiefs, recommends a few key things emergency responders can do prior to requesting air medical transport to help improve overall safety:
- Do the research prior to requesting flights to vet the companies in your area. The Commission of Medical Transport Systems (CAMTS) offers accreditation for medical transport organizations. Most helicopter air ambulance programs in the United States are CAMTS-accredited programs.
- Develop an awareness of how operators in your area determine which flights to accept. Consider shadowing opportunities with flight operators to find out more about how operators in your area make these decisions.
- When requesting air medical transport, be aware of weather conditions. Take note of whether other helicopter operators in the area are turning down flights due to weather concerns. If so, you may need to reevaluate the necessity of air transport.
(Source: IAFC)
The use of Unmanned Aerial Systems (UAS) for public safety is continuing to grow as the Federal Aviation Administration continues to develop regulations for their use. Many resources on UAS programs for public safety have been developed by industry and government.
The Cybersecurity and Infrastructure Protection Agency (CISA) has just released a Public Safety UAS Resource Guide, consolidating available public safety UAS resources into a single document. This product was developed through CISA’s SAFECOM, in collaboration with its National Council of Statewide Interoperability Coordinators (NCSWIC).
This resource may help organizations encountering UAS during emergency response, as may be the case during an event where multiple jurisdictions are involved.
The Guide provides links to publications and other resources containing relevant information about:
- Using UAS.
- Developing a UAS program.
- Engaging with the community.
- Responding to unfamiliar or malicious UAS use.
- Managing UAS with available tools.
For questions about the Public Safety UAS Resource Guide, please contact SAFECOMGovernance@cisa.dhs.gov. Visit CISA’s SAFECOM Technology page for additional SAFECOM and NCSWIC technology resources.
(Source: CISA)
Artificial intelligence (AI) holds promise in helping prevent, mitigate and manage disasters, but it has significant limitations. Emergency managers should be aware of the considerations for its responsible and ethical use.
AI offers the most promise for disaster management when it is used to enhance forecasting and decision support. It can bring together many different datasets in physical models to generate forecasting information. It can be used in decision support where a lot of contextual knowledge is not required, and it can answer questions as long as there is a clear right answer. For emergency managers, AI can provide management-oriented support, such as optimizing logistics and recovery tasks.
However, to use AI responsibly and ethically for disaster management, AI should always be:
- Based on trusted data.
- Based on collaboration between the technology experts and those with a life safety mission, to determine the right applications for the technology.
- Explainable, which means that the AI not only provides a prediction or recommendation, but also the set of quantitative reasons why AI reached the given conclusion.
- In alignment with privacy policies and ethical considerations when dealing with personal data.
(Source: International Association of CIP Professionals)
The Cybersecurity and Infrastructure Security Agency (CISA), Office for Bombing Prevention (OBP) has published a 90-day course schedule for Virtual Instructor-Led Training (VILT) offerings beginning in March 2021.
The VILT program was created through a partnership between CISA OBP and the Center for Domestic Preparedness (CDP) in order to provide bombing prevention awareness learning opportunities for first responders, public safety personnel, and private sector partners. VILT courses provide basic bombing prevention information ranging from Improvised Explosive Device (IED) construction and classification to the terrorist attack cycle.
Courses are free and provided by the Department of Homeland Security. Each VILT course is between one and two hours in length and is offered several times throughout the month. They can be taken as stand-alone courses, or they can serve as prerequisites for many other courses from OBP.
VILT courses are conducted with a live instructor online via the Homeland Security Information Network (HSIN) Connect feature. Participants are not required to have a HSIN membership; you can connect as a HSIN member or as a guest.
For more information on the VILT program, see the VILT Program Fact Sheet or visit CISA OBP’s Counter-Improvised Explosive Device (IED) Training and Awareness page.
For the course schedule and to register for any of these courses, visit the OBP VILT Schedule/Registration Page. Please email OBP Training with any questions.
(Source: CISA OBP, CDP)
NSA issues guidance on Zero Trust Security Model
The National Security Agency (NSA) published a cybersecurity product last week: Embracing a Zero Trust Security Model. This product shows how deploying Zero Trust security principles can better position cybersecurity professionals to secure enterprise networks and sensitive data. To provide NSA’s customers with a foundational understanding of Zero Trust, this product discusses its benefits along with potential challenges, and makes recommendations for implementing Zero Trust within their networks.
The Zero Trust model eliminates trust in any one element, node, or service by assuming that a breach is inevitable or has already occurred. The data-centric security model constantly limits access while also looking for anomalous or malicious activity.
NSA strongly recommends that a Zero Trust security model be considered for all critical networks within National Security Systems, the Department of Defense’s critical networks, and Defense Industrial Base critical networks and systems. NSA notes that Zero Trust principles should be implemented in most aspects of a network and its operations ecosystems to become fully effective. To address potential challenges of implementing Zero Trust solutions, NSA is developing and will release additional guidance in the coming months.
(Source: NSA)
CrowdStrike list of connections and how cybercrime groups cooperate
Cybersecurity reports often talk about threat actors and their malware/hacking operations as self-standing events, but, in reality, the cybercrime ecosystem is much smaller and far more interconnected than the layperson might realize. Tracking all the connections between groups and their suppliers, and who works with whom, is almost impossible today due to the broad use of encrypted communication channels between parties. In its 2021 Global Threat Report, security firm CrowdStrike has, for the first time, summarized some of the connections that currently exist on the cybercrime underground between various e-crime operators.
Read the full article to see the chart and learn more.
(Source: ZDNet)
Cyber Threat Intelligence League releases 2021 Darknet Report
The CTI League issued its first Darknet Report, cataloging criminal activity related to healthcare and the COVID pandemic. For the first time, the CTI League pulls back the curtain on the CTIL Dark group which works tirelessly to disrupt criminal and harmful behavior, working in support of its healthcare and law enforcement partners.
Findings included:
- The top five ransomware variants that impacted healthcare in 2020 are Maze, Conti, Netwalker, REvil, and Ryuk, affecting over 100 organizations.
- Nearly two-thirds of healthcare cybercrime victims were in North America and Europe, with victims in every populated continent.
- Demand for backdoor access to healthcare networks increased significantly from prior years.
- Ransomware attacks against hospitals jumped in Q4, particularly among small and medium organizations, some of which disrupted patient care.
- The threat group that operated Maze ransomware halted operations and reformed as Egregor.
- The Empire marketplace exit-scammed, which resulted in many cybercriminal vendors moving their COVID-themed products to other underground marketplaces.
Read the full report: CTIL Darknet Report – 2021
(Source: CTI League)
Dragos 2020 ICS Cybersecurity Year in Review
Dragos has published a 2020 ICS Cybersecurity Year in Review report, an annual analysis of Industrial Control System (ICS)/Operational Technology (OT) focused cyber threats, vulnerabilities, assessments, and incident response insights. The ICS/OT community has long struggled with a lack of public insights into these types of problem areas.
Dragos has created an interactive ICS Cybersecurity Year in Review web page in an effort to make the insights and observations even more accessible to the wider community.
Key findings included:
- Four new threat groups with the assessed motivation of targeting ICS/OT were discovered, accounting for a 36% increase in known groups.
- The abuse of valid accounts was the number one technique used by named threats.
- 54% of service engagements included a finding about shared credentials in OT systems.
- 88% of service engagements included a finding about improper network segmentation.
- 64% of advisories that had no patch also had no practical mitigation advice provided by the vendor.
Read the full report.
(Source: Dragos)
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures.
Fair Use Notice: This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Disclaimer of Endorsement: The appearance of external hyperlinks does not constitute endorsement of the linked websites or the information, products or services contained therein. Reference to any specific commercial products, process or service by trade name, trademark, manufacturer or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the EMR-ISAC or the U.S. government.
Section 504 Notice: Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.