|
Volume 21 — Issue 17 | April 29, 2021 |
|
|
Sponsored by the International Association of Fire Chiefs (IAFC) Safety, Health and Survival Section, the National Volunteer Fire Council (NVFC), and the National Fire Protection Association (NFPA), the 2021 Firefighter Safety Stand Down will take place the week of June 20 to 26, 2021.
This year’s theme is “Rebuild Rehab.” Firefighting puts intense strain on firefighters, both physically and mentally. It is critical that firefighters receive a comprehensive rehab program after fire incidents.
The Safety Stand Down campaign encourages departments to suspend non-emergency activities for a week to conduct safety training focused on physical and psychological rehab, which are critical to mitigating the physiological and mental impacts of firefighting. Departments are encouraged to re-visit rehab procedures to ensure that post-incident protocol covers all areas of health and safety, including cardiac, nutrition, exposure, psychological, hydration, and heat stress.
Education and training resources are available on the Safety Stand Down website for fire departments to use within their programs throughout the week. Some of the resources supporting “Rebuild Rehab” include:
The NFPA will host the annual 2021 Safety Stand Down Quiz. Everyone who completes the quiz will receive an entry into a sweepstake to win one of 200 commemorative Safety Stand Down challenge coins.
(Sources: IAFC, NVFC, NFPA)
The Department of Homeland Security’s Countering Weapons of Mass Destruction Office (CWMD) recently completed a technical refresh of 60 mobile Radiation Portal Monitors (mRPMs) currently deployed and used by U.S. Customs and Border Protection (CBP). The refresh on the existing mRPMs will improve the operational efficiency, utility, and maintainability of the fleet.
Radiation Portal monitors (RPMs) are detection devices that provide a passive or non-intrusive means to screen people, vehicles, or other objects for the presence of nuclear or radiological materials. These monitors are used to eliminate the need for individual searches using handheld monitors.
Since RPMs are stationary and primarily used at land borders, CBP operators need a movable radiological detection capability to augment the RPMs to more easily scan cargo at seaports. Having this capability is critical to achieving the legislative requirements in the SAFE Port Act, which requires all containers entering high volume U.S. ports by vessel to be scanned for radiation.
Mobile Radiation Portal Monitors (mRPMs) are truck-mounted RPM systems designed to detect radiation in cargo containers and can operate in either stationary or mobile modes. For more than a decade, CBP has relied on the use of mRPMs to counter radiological threats.
In July 2020, partners at the Department of Energy designated the project of giving the fleet of mRPMs a technical refresh as mission critical. The CWMD then partnered with Pacific Northwest National Laboratory (PNNL) to design and develop a prototype of the technology refresh that led to the recent improvements to the fleet.
(Source: Homeland Security Today)
|
|
|
The United States Department of Justice (DOJ) announced that the Office of Community Oriented Policing Services (COPS) has released approximately $58 million in grant solicitations to help combat opioid and methamphetamine use and promote the health and safety of our nation’s law enforcement officers.
The COPS Office is the federal component of the DOJ responsible for advancing community policing nationwide. COPS provides the resources needed to reduce crime and build trust between law enforcement and the communities served.
The funding is provided across three competitive grant programs:
- The COPS Anti-Heroin Task Force Program (AHTF) provides funds directly to state law enforcement to locate and investigate illicit activities related to the distribution of heroin, fentanyl, carfentanil, or the unlawful distribution of prescription opioids.
- The COPS Anti-Methamphetamine Program (CAMP) provides funds directly to state law enforcement agencies to investigate illicit activities related to the manufacture and distribution of methamphetamine.
- The Law Enforcement Mental Health and Wellness Act Program (LEMHWA) provides funding to improve the delivery of and access to mental health and wellness services for law enforcement through the implementation of peer support, training, family resources, suicide prevention and other promising practices for wellness programs.
Grant applications for the AHTF and CAMP programs must be received by June 10, 2021 at 7:59 p.m. EST. Grant applications for the LEMHWA program must be received by June 3, 2021 at 7:59 p.m. EST. Note that if you are submitting an application for any of these grants through Grants.gov, the deadline is June 3, 2021 for all three programs.
For more information on COPS Office funding, please visit the COPS grants page. Contact COPS at 800-421-6770 or askCopsRC@usdoj.gov with questions.
(Source: DOJ)
This past year has been a tremendous strain on emergency responders, who have been heavily involved in the nation’s response to the COVID-19 pandemic. Many have died in the line of duty from COVID-19 and many more have been infected. Additionally, response systems have been strained, and Personal Protective Equipment (PPE) and protection guidelines have been retooled.
A recent roundtable discussion by a panel of four research and fire service experts was conducted to review the potential implications of the longer-term impacts of COVID-19 for firefighters, the fire service and public safety.
Early reports on the COVID-19 pandemic have described a post exposure syndrome where individuals who have recovered from an acute SARS-CoV-2 infection experience prolonged cardiovascular, pulmonary and neurological consequences. Individuals who suffer from this syndrome are referred to as COVID “long haulers.”
Statistics from the research are presented in this discussion, which support this emerging trend:
- Up to 25 percent of individuals in the general population have symptoms for more than four weeks.
- Up to 10 percent have symptoms after 12 weeks.
- In one study of outpatients with mild disease, 30 percent had persistent symptoms after six to nine months.
The research and issues discussed highlight the need to remain vigilant. It is important to do what we can with the information currently available to ensure the ongoing safety and health of responders.
This roundtable discussion is free to access and now available on-demand. Anyone may register here. The recording duration is about 1 hour and 15 minutes.
(Source: Smart Firefighting)
|
|
Alert (AA21-116A): Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will continue to seek intelligence from U.S. and foreign entities through cyber exploitation, using a range of initial exploitation techniques that vary in sophistication, coupled with stealthy intrusion tradecraft within compromised networks. The SVR primarily targets government networks, think tank and policy analysis organizations, and information technology companies. On April 15, 2021, the White House released a statement on the recent SolarWinds compromise, attributing the activity to the SVR. For additional detailed information on identified vulnerabilities and mitigations, see the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and FBI Cybersecurity Advisory titled Russian SVR Targets U.S. and Allied Networks, released on April 15, 2021.
The FBI and DHS are providing information on the SVR’s cyber tools, targets, techniques, and capabilities to aid organizations in conducting their own investigations and securing their networks.
Click here for a PDF version of this report.
(Source: CISA, National Cyber Awareness System)
Ransomware group threatens DC cops with informant data leak
Russian-speaking ransomware threat actors have allegedly stolen highly sensitive information pertaining to the Washington DC police department’s informants. The group is called the Babuk group and has issued an ultimatum of three days to pay ransom demands before the data is shared with local gangs and the public. The group has allegedly posted screenshots of the stolen data on their dark web-hosted website to prove the legitimacy of the information.
Information accessed by Babuk likely includes intelligence reports, information on gang conflicts and the jail census, network locations, and other administrative files. The District of Columbia’s Metropolitan Police Department released a statement that did not address the ransomware reports, however, claimed that it was aware of unauthorized access on its server. The FBI is currently investigating the incident. Babuk is not a well-known threat actor group, however, it made headlines for targeting the NBA team the Houston Rockets earlier this week.
(Source: OODA Loop)
Nvidia Warns: Severe Security Bugs in GPU Driver, vGPU Software
Nvidia has disclosed a group of security vulnerabilities in the Nvidia graphics processing unit (GPU) display driver, which could subject gamers and others to privilege-escalation attacks, arbitrary code execution, denial of service (DoS) and information disclosure. Meanwhile, the Nvidia virtual GPU (vGPU) software also has a group of bugs that could lead to a range of similar attacks.
The most severe of the five bugs in the GPU display driver is tracked as CVE-2021-1074, which rates 7.5 out of 10 on the CVSS vulnerability scale, making it high-severity. It exists in the display driver’s installer and allows an attacker with local system access to replace an application resource with malicious files. Such an attack may lead to code execution, escalation of privileges, denial of service, or information disclosure. Another high-severity bug, CVE-2021-1075, rates 7.3 on the CVSS scale.
Nvidia has released patches to mitigate all of the bugs, which uses can download at through the Nvidia Driver Downloads page or, for the vGPU software update, through the Nvidia Licensing Portal. Affected version tables are available in Nvidia’s advisory, released Friday.
(Source: ThreatPost)
CISA and NIST release new interagency resource: Defending Against Software Supply Chain Attacks
A software supply chain attack—such as the recent SolarWinds Orion attack—occurs when a cyber threat actor infiltrates a software vendor’s network and employs malicious code to compromise the software before the vendor sends it to their customers. The compromised software can then further compromise customer data or systems.
To help software vendors and customers defend against these attacks, CISA and the National Institute for Standards and Technology (NIST) have released Defending Against Software Supply Chain Attacks. This new interagency resource provides an overview of software supply chain risks and recommendations. The publication also provides guidance on using NIST’s Cyber Supply Chain Risk Management (C-SCRM) framework and the Secure Software Development Framework (SSDF) to identify, assess, and mitigate risks.
CISA encourages users and administrators to review Defending Against Software Supply Chain Attacks and implement its recommendations.
(Sources: CISA, National Cyber Awareness System)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites or the information, products or services contained therein. Reference to any specific commercial products, process or service by trade name, trademark, manufacturer or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the EMR-ISAC or the U.S. government.
Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|
