|
Volume 22 — Issue 34 | August 25, 2022 |
|
Two recent medical helicopter incidents illustrate the importance of ensuring a safe landing zone for air medical transport.
On June 30, a close-call incident occurred in Suffolk County, on Long Island, New York. After the helicopter landed at a medevac landing zone and the patient was transferred to the helicopter, a sheet from the fire department ambulance stretcher came loose and was blown into the rotor system. The helicopter was immediately shut down and the patient was transferred to a second aircraft for transport. Fortunately, no one was injured, and the helicopter was soon restored to service, but the potential for damage or injuries from this incident was high.
On July 26, a helicopter responding to a fatal car accident in Butler County, Ohio crashed due to collision with power lines adjacent to the landing zone. The pilot was notified by the fire department of the presence of power lines near the landing zone but was unable to visually locate the lines prior to landing. This crash resulted in injuries to all three crew members. The factors leading up to the crash are under investigation by the National Transportation Safety Board (NTSB Accident # ERA22LA334).
Landing a medical helicopter, especially in an urban environment, is a delicate operation that requires skilled flight crews and personnel on the ground that are trained to establish a safe landing zone.
Following well-rehearsed, pre-planned procedures is essential to safety for all involved. Always consult your own local policies as well as those required by your local air ambulance companies. It is a good idea to include not just the ground personnel from the emergency response agency, but also the pilot and crew of local air ambulance companies when conducting pre-planning and training drills on landing zone procedures. Joint planning and training allow a pilot or flight medic to discuss their requirements with ground crews to ensure a safe landing zone and safe patient transfer.
FirefighterCloseCalls.com provides some tips and training videos for landing zone safety in light of these recent incidents. Responder Safety Learning Network (RSLN) has a free 1-hour, self-paced training module called Special Hazards with a video on how to prepare a safe landing zone for a medical helicopter. You can access this training by creating a free account with RSLN.
Fire and emergency medical services agencies are encouraged to use these free resources to review their procedures for establishing a safe landing zone for air medical transport.
(Sources: FirefighterCloseCalls.com, RSLN, NTSB)
|
|
The National Wildfire Coordinating Group (NWCG) has just released a new Guide for Wildland Fire Modules (PMS 431).
The Guide covers practical “how-to” instructions and reference information for wildland firefighting operations, including:
- Checklists for personnel accountability and mobilization.
- Instructions on how to operate commonly used equipment such as chainsaws, portable pumps, and programmable handheld radios.
- Reference material on weather and fire behavior.
- Common conversion formulas and other reference information for navigation and mapping.
- Phone lists and standard air-to-ground frequencies for air ambulances on wildland fire incidents.
This Guide can be used as a supplemental field reference by anyone responsible for wildland firefighting or prescribed fire operations. It is not intended to replace existing publications, including PMS 461 – NWCG Incident Response Pocket Guide (NWCG IRPG) and PMS 430 - NWCG Standards for Wildland Fire Module Operations, among others.
Access the new NWCG Guide for Wildland Fire Modules on NWCG’s website.
(Source: NWCG)
The Federal Aviation Administration (FAA) just awarded $2.7 million to five universities to support research on the use of drones in disaster preparedness and emergency response.
The five awardees are:
- University of Vermont - $1,195,000.
- University of Alabama Huntsville - $828,070.
- New Mexico State University - $400,000.
- North Carolina State University - $200,000.
- Kansas State University - $145,000.
The universities will conduct research and test procedures for coordination between UAS operators in federal agencies such as Department of the Interior and Department of Homeland Security, as well as coordination between federal, state, and local disaster preparedness and emergency response organizations. The results will help inform requirements, technical standards, and regulations for UAS operations in disaster preparedness and emergency response.
These universities are among the 25 Core Partners within the FAA’s Alliance for System Safety of UAS through Research Excellence (ASSURE). Projects conducted by ASSURE’s coalition of research universities, industry, and government partners are focused on unmanned aircraft systems (UAS) and how to help the drone community safely grow and integrate into the nation’s airspace.
In addition to being part of ASSURE, some of the universities are also part of the FAA’s network of UAS Test Sites. The UAS Test Sites work closely with public safety officials to integrate unmanned technology with public safety procedures. These sites support governmental functions such as aeronautical research, biological and geological resource management, search and rescue, firefighting, law enforcement operations, and much more.
The University of Vermont (UVM) is also working with funding from the Federal Emergency Management Agency (FEMA) to develop educational programs on UAS that will be deployed by FEMA nationwide. The training is intended to help first responders and emergency managers tackle these complex technologies. UVM is leveraging its Spatial Analysis Laboratory to address training topics such as how to use drones for aerial surveillance and the collection of visual data for mapping.
Visit ASSURE’s website to learn more about current and upcoming research projects that are advancing the use of drones in disaster preparedness and emergency response.
(Sources: FAA, ASSURE)
The National Institute of Standards and Technology’s (NIST’s) Public Safety Communications Research (PSCR) Division will host a webinar on Thursday, Sept. 8, from 1 to 2 p.m. EDT.
Representatives from NIST and First Responder Network Authority (FirstNet Authority) will discuss their new Public Safety Immersive Test Center (PSITC), launched in May 2022, and housed within FirstNet Authority’s facilities in Boulder, Colorado.
PSITC provides opportunities to conduct immersive public safety standards and measurements testing. It provides virtual environments equipped for a wide variety of emergency response scenarios like search and rescue and Complex Coordinated Terrorist Attacks. Over time, the center will integrate technologies from other PSCR research areas such as the Internet of Things and analytics.
The webinar will discuss the future of the PSITC and the public safety technology use cases that can be explored and tested there. Learn more about the new PSITC and register for the webinar on NIST’s website.
(Source: NIST)
|
|
CISA releases new Insight on preparing critical infrastructure for the transition to post-quantum cryptography
The Cybersecurity and Infrastructure Security Agency (CISA) released a new CISA Insight, Preparing Critical Infrastructure for Post-Quantum Cryptography, which provides critical infrastructure and government network owners and operators an overview of the potential impacts from quantum computing to National Critical Functions (NCFs) and the recommended actions they should take now to begin preparing for the transition.
While quantum computing promises greater computing speed and power, it also poses new risks to critical infrastructure systems across the 55 NCFs. This CISA Insight incorporates findings from an assessment conducted on quantum vulnerabilities to the NCFs to understand the urgent vulnerabilities and NCFs that are most important to address first and the three NCF areas to prioritize for public-private engagement and collaboration.
View the CISA Insight here. For more information about CISA’s efforts, visit CISA.gov/quantum.
(Source: CISA)
Apple releases security updates for multiple products
Apple has released security updates to address vulnerabilities in macOS Monterey, iOS and iPadOS, and Safari. An attacker could exploit one of these vulnerabilities to take control of an affected device.
CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
(Source: CISA)
|
|
HC3 Analyst Note: Karakurt Threat Profile
Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new cybercrime group, with researchers reporting its first emergence in late 2021. The group likely has ties to the Conti ransomware group, either as a business relationship or as a side business with Conti. Karakurt is also known for extensive harassment campaigns against victims to shame them.
The Department of Health and Human Services (HHS) Health Sector Cybersecurity Coordination Center (HC3) has noted at least four attacks affecting the US Healthcare and Public Health Sector since June 2022. The observed attacks have affected an assisted living facility, a dental firm, a healthcare provider, and a hospital.
Read the full Analyst Note from HHS HC3.
(Source: HHS HC3)
Starlink successfully hacked using $25 modchip
A Belgian security researcher has successfully hacked the SpaceX operated Starlink satellite-based internet system using a homemade circuit board that cost around $25 to develop, he revealed at Black Hat. The researcher physically stripped down a satellite dish he purchased and created the custom board, or modchip, that can be attached to the Starlink dish. He developed the tool using low-cost, off-the-shelf parts and was able to use it to obtain root access by glitching the Starlink UT security operations center bootrom.
(Source: threatpost)
Over 80,000 exploitable Hikvision cameras exposed online
Security researchers have discovered over 80,000 Hikvision cameras vulnerable to a critical command injection flaw that's easily exploitable via specially crafted messages sent to the vulnerable web server. The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. However, according to a whitepaper published by CYFIRMA, tens of thousands of systems used by 2,300 organizations across 100 countries have still not applied the security update.
(Source: Bleeping Computer)
Fremont County, Ohio, extends disaster after cyber attack
The government of Fremont County, Ohio, was hit by a cyberattack on Wednesday, Aug. 17. The closure to the public of the Fremont County Administration Building, Health Department, Sheriff's Office and Department of Human Services continued as of Tuesday, Aug. 23.
On Tuesday, the board approved a resolution extending the declaration of a Local Disaster Due to Cybersecurity Attack on Computer Technology Systems for Fremont County, which will be effective through Sept. 13, unless it is terminated before that time. Declaring an emergency has opened doors for more support and assistance.
(Source: Government Technology)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
Fair Use Notice: This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Disclaimer of Endorsement: The appearance of external hyperlinks does not constitute endorsement of the linked websites or the information, products or services contained therein. Reference to any specific commercial products, process or service by trade name, trademark, manufacturer or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the EMR-ISAC or the U.S. government.
Section 504 Notice: Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|