|
Volume 23 — Issue 18 | May 4, 2023 |
|
The Emergency Responder Safety Institute (ERSI) was founded 25 years ago, in the spring of 1998 by the Cumberland Valley Volunteer Firemen’s Association (CVVFA) and has been working ever since to improve the safety of those who respond to incidents on America’s roadways.
Since its founding, ERSI has established itself as a trusted source for national data collection, analysis, and reporting on responder struck-by incidents.
In 2000, ERSI launched ResponderSafety.com to share all the information it gathers about roadway incident safety, which includes its struck-by incident data and annual struck-by fatality reports, free online training for responders on roadside safety, National Traffic Incident Management (TIM) Training certification, research reports, and much more.
Until 2022, ERSI’s responder struck-by data was derived primarily from open-source news reporting. In 2022, ERSI launched ReportStruckBy.com, a web-based platform that enables responders to voluntarily report struck-by incidents. Now, all roadway emergency responders can be part of the solution to address the gap in the data that is hampering our ability to understand why drivers continue to strike responders.
ReportStruckBy.com has been operational for over a year, and ERSI is receiving submissions to the database on a regular basis.
ERSI encourages all roadway responders to report struck-by incidents to ReportStruckBy.com, whether that incident resulted in death, injury, or property damage. Reporting is anonymous with an option to provide contact information for follow up by ReponderSafety.com. The reporting form takes approximately 3-4 minutes to complete. All fields are optional so you can report as much as you know and skip what you don’t. The site is mobile device responsive for easy reporting from the field or the station. All reports are welcome. ERSI wants as much data as possible on the continuing problem of secondary crashes and struck-by incidents at emergency scenes on the roadway.
Learn more about ERSI’s 25-year history and future plans and the background and goals for its continuing struck-by data collection and analysis efforts. Please share this information widely with all roadway response agencies and encourage colleagues to report struck-by incidents at ReportStruckBy.com. The more widely this reporting system is adopted, the more useful the data will be at informing efforts to enhance responder safety on roadways and ultimately save lives.
(Source: ERSI)
|
|
The Federal Bureau of Investigation (FBI) released its annual report, Active Shooter Incidents in the United States in 2022 in April.
The FBI defines an active shooter as one or more individuals actively engaged in killing or attempting to kill people in a populated area. Implicit in this definition is the shooter’s use of a firearm. The active aspect of the definition implies the ongoing nature of an incident, and thus the potential for the response to affect the outcome. Given these criteria for active shooter incidents, the report does not encompass all gun-related shootings occurring in 2022, such as gang-related violence, drug violence, or self-defense.
The FBI has designated 50 shootings in 2022 as active shooter incidents. The report includes brief narrative summaries of all 50 of these incidents, as well as summary statistics characterizing the incidents and identifying year-over-year trends.
Some notable statistics include:
- Although incidents decreased by 18% from 2021 (61 incidents), the number of active shooter incidents increased by 66.7% compared to 2018 (30 incidents).
- There were 313 casualties (100 killed and 213 wounded).
- One law enforcement officer was killed and 21 were wounded.
- The month of May had the highest number of active shooter incidents (nine), with January and September tied with the least number of incidents (one).
- Based on location, 46% of the incidents occurred in open spaces (23), followed by 28% in commerce (14), 8% in education and residences (four), 4% in houses of worship and government (two), and 2% in health care (one).
- Four shooters wore body armor.
- Twenty-nine shooters were apprehended by law enforcement, seven were killed by law enforcement, two were killed by armed citizens, nine committed suicide, and three remain at large.
This is the eighth report of its kind published since 2014. All past reports and more active shooter incident resources can be found on the FBI’s Active Shooter webpage. You can listen to the latest episode of the FBI’s podcast, “Inside the FBI,” to learn more about this year’s report, the FBI's role in investigating these events and preventing future attacks, and how the Bureau supports victims in the wake of these tragedies.
(Source: FBI)
The Department of Transportation’s (DOT) Pipeline and Hazardous Materials Safety Administration (PHMSA) Office of Hazardous Materials (OHMS) will hold a public meeting to solicit input on the development of the 2024 edition of the Emergency Response Guidebook (ERG). This event will take place virtually on Microsoft Teams on May 16 from 1-4 p.m. EDT.
PHMSA's Emergency Response Guidebook provides first responders with a go-to manual to help deal with hazmat transportation accidents during the critical first 30 minutes. DOT's goal is to place an ERG in every public emergency service vehicle nationwide.
PHMSA is always seeking the input of first responders on how to improve the ERG, which is updated every four years. The first responder community is encouraged to register and attend this public meeting. If you cannot attend, you can also submit your name, organization, contact information, and comments to ERGComments@dot.gov.
(Source: PHMSA)
The United States Fire Administration (USFA) will host its third annual National Fire Data Week from May 15-18, 2023.
USFA will host several information sessions throughout the week:
-
NFIRS+: Looking Beyond Incident Data. This virtual session will be held on Monday, May 15, from 2-3 p.m. EDT. Register for Monday’s session to hear from experts from around the country about how fire departments are looking beyond incident data to better protect their communities.
-
EMS Data in the Fire Department: A Panel Discussion. This in-person session will be held on Tuesday, May 16, at 6 p.m. EDT at the National Emergency Training Center (NETC) in Emmitsburg, Maryland. If you are attending a class at the National Fire Academy on the NETC campus, you are invited to join a discussion on the intersection of fire and emergency medical services (EMS) data. Bring your questions on the National EMS Information System (NEMSIS), the National Fire Incident Reporting System (NFIRS), and everything related to rescue and EMS.
-
Utilization of Data in Metro and Densely Populated Fire Districts. This virtual session will be held on Wednesday, May 17, from 2-3 p.m. EDT. Register for Wednesday’s session to learn more about the unique challenges faced by metro fire departments nationwide. Hear from experts on how fire departments are using data to address these issues head-on.
-
Using Data to Tell Your Story: Conversations with Volunteer Fire Departments. This virtual session will be held on Thursday, May 18, 7:30-8:30 p.m. EDT. Register for Thursday’s session to learn how fire departments of all sizes can use data to help demonstrate the service and value they provide to a community. Learn about the successes, challenges and opportunities facing volunteer and combination fire departments today.
Learn more about National Fire Data Week on USFA’s website. Follow USFA on Twitter for updates on #FireDataWeek23 event activities and to stay informed about USFA’s work.
(Source: USFA)
|
|
CISA urges organizations to incorporate the FCC Covered List into risk management plans
The Federal Communications Commission (FCC) maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons to national security pursuant to the Secure and Trusted Communications Networks Act of 2019.
As the 6th annual National Supply Chain Integrity Month concludes, CISA reminds all critical infrastructure owners and operators to take necessary steps in securing the nation’s most critical supply chains. CISA urges organizations to incorporate the Covered List into their supply chain risk management efforts, in addition to adopting recommendations listed in Defending Against Software Supply Chain Attacks—a joint CISA and NIST resource that provides guidance on using NIST’s Cyber Supply Chain Risk Management (C-SCRM) framework to identify, assess, and mitigate risks. All critical infrastructure organizations are also urged to enroll in CISA’s free Vulnerability Scanning service for assistance in identifying vulnerable or otherwise high-risk devices such as those on FCC’s Covered List.
To learn more about CISA’s supply chain efforts and to view resources, visit CISA.gov/supply-chain-integrity-month.
(Source: CISA)
|
|
HC3 Sector Alert: New data breaches from Cl0p and Lockbit ransomware groups
Ransomware-as-a-service (RaaS) groups Cl0p and Lockbit recently conducted several distinct attacks, exploiting three known vulnerabilities (CVE-2023-27351, CVE-2023-27350, and CVE-2023-0669). The Cybersecurity and Infrastructure Security Agency (CISA) added the latter two vulnerabilities to its Known Exploited Vulnerabilities Catalog but has not yet added the first. This Sector Alert follows previous HC3 products on Cl0p (Cl0p Allegedly Targeting Healthcare Industry and Cl0p Ransomware) and Lockbit (Lockbit Ransomware, LockBit 3.0, and LockBit 2.0 IOCs), and provides an update on the recent attacks, and recommendations to detect and protect against future ransomware attacks.
Read the full Sector Alert from the Department of Health and Human Services (HHS) Health Sector Cybersecurity Coordinating Council (HC3).
(Source: HHS HC3)
Attacks increasingly use malicious HTML email attachments
Researchers warn that attackers are relying more on malicious HTML files in their attacks, with malicious files now accounting for half of all HTML attachments sent via email. This rate of malicious HTML prevalence is double compared to what it was last year and doesn't appear to be the result of mass attack campaigns that send the same attachment to a large number of people.
"When it comes to attack tactics and tools, the fact that something has been around for a while doesn’t appear to make it any less potent," researchers from security firm Barracuda Networks said in a new report. "Malicious HTML is still being used by attackers because it works. Getting the right security in place is as important now as it has ever been, if not more so."
(Source: CSO Online)
Cybercriminal network fueling the global stolen credit card trade is dismantled
A four-count indictment was unsealed on Wednesday, May 3, in the United States District Court for the Eastern District of New York charging a Russian citizen with access device fraud, computer intrusion and money laundering in connection with his operation of Try2Check, the primary service offering “card-checking” to cybercriminals in the stolen credit card trade.
The Try2Check platform catered to cybercriminals who purchased and sold stolen credit card numbers in bulk on the internet, offering criminals the ability to quickly determine what percentage of the cards were valid and active. As such, Try2Check was a primary enabler of the trade in stolen credit card information, processing at minimum tens of millions of card numbers every year.
In coordination with the unsealing of the charging documents in this case, Try2Check’s websites were taken offline and the State Department issued a $10 million reward for information leading to the defendant’s capture.
(Source: DOJ)
US Marshals to unveil ‘fully reconstituted system’ following ransomware attack
A critical U.S. Marshals Service computer system that has been offline since February after suffering a ransomware attack and data breach will soon be operational again—this time with improved cybersecurity capabilities, according to a U.S. Marshals Service spokesperson.
According to a detailed May 1 report by the Washington Post, the system in question was operated by the Marshals’ Technical Operations Group, a division within the agency that uses sophisticated, secretive technical methods to track suspected criminals through mobile phones, emails and the internet.
The stand-alone system in question has been disconnected since Feb. 17, when the Marshals Service discovered a “ransomware and data exfiltration event” affecting the system, which contained law enforcement sensitive information and personally identifiable information pertaining to subjects of USMS investigations, third parties and certain USMS employees.
(Source: Nextgov)
EVs rev up cybersecurity challenges
Even as the Biden administration recently reaffirmed its commitment to electric vehicles (EVs), questions linger about the ability of charging infrastructure and the vehicles themselves to cope with a cyberattack.
If charging stations are deemed critical infrastructure, that could make the challenge even greater, especially as states add them to public property.
Many state and local agencies carry cybersecurity insurance to insulate themselves from some of the financial costs of an attack on their IT systems, but insurance to cover EV and charging stations is relatively unexplored territory.
A recent report from the IBM Institute for Business Value touched on these new cybersecurity risks and the implications for insurance. The report said that “software-heavy” EVs and their charging stations are in constant communication with other vehicles and the world around them, and while software updates can be delivered quickly to patch security gaps, the large attack surface “lights up the radar of cyber criminals.”
(Source: GCN)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
Fair Use Notice: This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement: The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice: Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|