|
Volume 22 — Issue 45 | November 10, 2022 |
|
|
The emergency alert button (EAB) on fire service portable radios is an essential life safety device that must be properly used in a Mayday situation. When the EAB is activated, it gives the firefighter priority and uninterrupted transmission capability.
The National Institute for Occupational Safety and Health (NIOSH) recently released a safety advisory, The Importance of Understanding and Training on the Portable Radio Emergency Alert Button (EAB) during a Mayday. This advisory provides information on the purpose and function of the EAB and communications center capabilities for remote activation.
The advisory was prompted by several incidents investigated by NIOSH’s Fire Fighter Fatality Investigation and Prevention Program (FFFIPP) where a firefighter Mayday was called, the EAB was not used, and the incident led to a line-of-duty death (LODD).
The most recent NIOSH FFFIPP investigation was for a fire at a large residential structure in Maryland on Aug. 11, 2021 that resulted in a LODD. The NIOSH investigation is still ongoing, but Frederick County, Maryland has completed its investigation and released an After Action Report (AAR). Frederick County’s AAR documents 17 rejected radio transmissions from the captain after he fell through the first floor into the basement. His radio transmissions were rejected due to other transmissions on the fire ground. The captain did not activate his EAB button on his portable radio prior to calling his Mayday, nor was he prompted to do so by command or dispatch.
In the bigger picture, use of the EAB when a firefighter is in trouble is part of an overall decision-making process and set of procedures for calling a Mayday. Mayday procedures must be trained on regularly, so firefighters know by rote how to recognize when they need help during an incident, how to call for help using their department’s communications equipment, and how to initiate self-rescue procedures. The more realistic the training scenario, the more effective the training will be to prepare for a real-life Mayday event.
Presently, there are no national Mayday standards for firefighters to be trained to and most states do not have Mayday standards. It is up to each authority having jurisdiction to develop rules and performance standards for a firefighter to call a Mayday.
Project Mayday provides an exhaustive list of types of Mayday scenarios and the kinds of training that should be conducted to prepare for each scenario in its 2021 Annual Project Mayday General Report [PDF, 43 MB], including problems related to air supply, falling through a roof or floor, becoming trapped or unable to move, explosions, no communications, and more.
The United States Fire Administration’s (USFA’s) National Fire Academy (NFA) self-study course, Q0133 - Firefighter Safety: Calling the Mayday presents specific parameters for when a firefighter must call a Mayday. The course may help fire departments in developing and teaching Mayday procedures.
Fire departments are encouraged to download NIOSH’s Safety Advisory and integrate these recommendations for use of the EAB into their department’s Mayday procedures and training.
(Sources: NIOSH, Project Mayday, USFA)
|
|
|
The Cybersecurity and Infrastructure Security Agency (CISA) is observing Infrastructure Security Month throughout November. This year’s theme is “Infrastructure Security is National Security: Drive Down Risk, Build Resilience.”
Critical infrastructure spans everything from healthcare, water, and education to chemical, transportation systems, energy, and much more. Keeping the nation’s critical infrastructure secure is a foundation of our national security.
The threats to our critical infrastructure—cyber, physical, technological, or natural—run the gamut from weather-induced power outages to sophisticated cyber-attacks. It includes physical threats originating here at home, as well as malicious cyber activities launched from across the globe by adversaries seeking ways to disrupt or destroy the essential services we rely on for public health and safety, our economic well-bring, and national security.
Throughout November, CISA will be bringing the world of infrastructure security and resilience to life with interviews and blogs featuring CISA staff and external industry partners, as well as other activities.
CISA encourages everyone to visit CISA’s Infrastructure Security Month web page for more information and resources. You can also follow CISA on social media and join the #Infrastructure and #InfrastructureResilience conversation.
(Source: CISA)
The Federal Emergency Management Agency (FEMA) recently published National Continuous Improvement Guidance, which provides an approach to conduct consistent and rigorous continuous improvement activities before, during and after real-world incidents.
The document is intended for the whole community, including state, local, tribal and territorial (SLTT) partners; nongovernmental organizations; the private sector; and other organizations with emergency management functions. The information in the guidance is presented in several customized “views” tailored to an organization’s maturity level and experience with continuous improvement activities:
FEMA is hosting a series of 60-minute webinars through mid-December to provide an overview of the guidance and discuss revisions based on feedback from the national engagement period held earlier this year. The following are upcoming webinars:
- Webinar 3 – Nov. 17, 4 - 5 p.m. EST. This webinar’s guest speaker will be the Deputy Coordinator of Harris County, Texas, Office of Homeland Security and Emergency Management.
- Webinar 4 - Dec. 2, 11 a.m. - noon EST. Spanish-speaking session. This webinar’s guest speaker will be the Lead Continuity Analyst and the Continuous Improvement Coordinator of the FEMA Region 2, Puerto Rico Caribbean Area Office.
- Webinar 5 - Dec. 13, 10 - 11 a.m. EST. This webinar’s guest speaker will be the Deputy Director of the District of Columbia Homeland Security and Emergency Management Agency.
The guidance is part of FEMA’s Continuous Improvement Program (CIP), which builds preparedness through consistent, agency-wide assessment, program consulting and support, and corrective action tracking.
The National Continuous Improvement Guidance is available as part of FEMA’s Preparedness Toolkit, an online portal that provides the whole community with tools to aid in implementing all six areas of the National Preparedness System. To download the National Continuous Improvement Guidance, please visit https://preptoolkit.fema.gov/web/cip-citap/ncig.
To register for the webinars, visit https://preptoolkit.fema.gov/web/cip-citap/events.
For questions, please contact FEMA-CITAP@fema.dhs.gov.
(Source: FEMA)
The National Policing Institute (NPI) provides a suite of no-cost training, technical assistance, and resources to local, state, and tribal law enforcement agencies with the goal of reducing the number of officers seriously injured and killed on the nation’s roadways.
The NPI is offering two upcoming virtual training opportunities:
-
Nov. 29, 10 a.m. – 3 p.m. EST: Roadway Safety Executive Workshop. This 4-hour executive course provides mid- and executive-level officers with opportunities to discuss how to increase officer safety during roadway operations and lead their agencies in roadway safety.
-
Dec. 16, 9 a.m. – 4 p.m. EST: NLERSP Patrol Officer Virtual Training. This 8-hour course will cover best practices and tactics to improve officer safety during traffic stops, emergency response driving, all-weather driving, and roadway operations while outside of your vehicle.
Participants who complete these two courses are eligible to take an upcoming “Roadway Safety Train-the-Trainer Course,” coming soon in Spring 2023. This 8-hour course will give participants the resources and skills needed to teach the NLERSP training curriculum to other officers during academy or in-service training.
The National Law Enforcement Roadway Safety Program, sponsored by the U.S. Department of Justice, Bureau of Justice Assistance, is a collaborative effort between the National Policing Institute and the Institute for Intergovernmental Research.
Learn more and register for either of these free, virtual training opportunities on NPI’s website.
(Source: NPI)
|
|
Hacktivists use of DDoS activity causes minor impacts
Coinciding with the Russian invasion of Ukraine, the Federal Bureau of Investigation (FBI) is aware of Pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success.
DDoS attacks of public facing websites, along with web page and social media profile defacement, are a preferred tactic for many operations. These attacks are generally opportunistic in nature and, with DDoS mitigation steps, have minimal operational impact on victims; however, hacktivists will often publicize and exaggerate the severity of the attacks on social media. As a result, the psychological impact of DDoS attacks is often greater than the disruption of service.
The FBI is releasing this Private Industry Notification (PIN) to highlight hacktivism activity and encourage organizations to implement the recommendations in the Mitigations section to reduce the likelihood and impact of distributed denial of service1 (DDoS) attacks.
Read the full PIN from the FBI’s Internet Crime Complaint Center (IC3).
(Source: FBI IC3)
Iranian threat actors and healthcare
Iranian cyber threat actors have historically been risk averse. Cyberattacks provide a means to exploit enemy vulnerabilities while minimizing the risk of escalation or retaliation. They are infamous for wiper malware as well as retaliatory attack strategies.
This Threat Brief from the Department of Health and Human Services (HHS), Health Sector Cybersecurity Coordination Center (HC3) provides an analysis of the Iranian cyberattack landscape; an overview of some Iranian cyber threat actors; Iran cyberattacks in the news; an analysis of Iranian state cyber actors’ attack on the Government of Albania; and tactics, techniques, and procedures (TTPs) and mitigations.
(Source: HHS HC3)
|
|
Some US state election websites knocked offline in DDoS attacks
Some U.S. state websites were briefly knocked offline Tuesday after distributed denial-of-service (DDoS) attacks hit them during the midterm elections. Officials stress, though, that such incidents would not affect vote totals.
In Mississippi, officials confirmed the “abnormally large increase in traffic volume” due to the DDoS activity, which led to some of its websites being “periodically inaccessible” Tuesday afternoon. DDoS attacks have also been reported in Illinois, while in Arizona, local officials were working on fixing malfunctioning electronic voting machines.
A Russian hacker group claimed on Telegram that it was targeting the Mississippi Secretary of State's website to “hit the section that is directly related to the elections.” The hacker group also claimed that it would “attack American Democrats as a gift to the Republicans for the elections,” with its first target being the Democratic National Committee (DNC). The DNC website was down at some point on Tuesday, but it’s not clear what exactly caused the outage.
(Source: Cybernews)
China is likely stockpiling and deploying vulnerabilities, says Microsoft
China's 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard vulnerability information. A year later, researchers from the Atlantic Council found there was a decrease in reported vulnerabilities coming from China – and an increase in anonymous reports.
Microsoft's 2022 Digital Defense Report, released last Friday, asserts the Chinese law “might” be enabling the Chinese government to weaponize the vulnerabilities. According to Microsoft, China stepped up its espionage and information-stealing cyberattacks in order to counter the USA's attempts to increase its influence in Southeast Asia.
(Source: The Register)
Cyber threat landscape shaped by Ukraine conflict, ENISA report reveals
The European Cybersecurity Agency (ENISA)’s threat landscape annual report 2022 is heavily influenced by the impact of the Russian invasion of Ukraine on the cyber landscape.
Covering the period from July 2021 up to July 2022, the report was presented under the title Volatile Geopolitics Shake the Trends of the 2022 Cybersecurity Threat Landscape during the Prague Security Conference on November 3, 2022.
“The geopolitical situations, particularly the Russian invasion of Ukraine, have acted as a game changer over the reporting period for the global cyber domain,” reads the report. Examining the monthly breakdown of cyber incidents, the report shows an increase in February and March 2022, around the time of the Russian invasion of Ukraine in late February.
The threat distribution across sectors shows that, while no industry was spared, public and government administrations were still the number one target, accounting for 24.21% of all reported incidents. Public sector attacks, together with those targeting digital service providers and the general public, made up 50% of all threats, with the other half shared by all other sectors of the economy.
(Source: Infosecurity Magazine)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|
