|
Volume 23 — Issue 28 | July 13, 2023 |
|
|
The National Law Enforcement Officers Memorial Fund (NLEOMF) just released its 2023 Mid-Year Law Enforcement Officers Fatalities Report, covering law enforcement line-of-duty deaths between Jan. 1 and June 30, 2023.
There have been 52 line-of-duty deaths in the first half of 2023, which represents a 66% decrease compared to the 153 officers who died in the same time period in 2022. While much of the decrease is driven by substantial reductions in Covid-19-related deaths, line-of-duty deaths are down across the board.
AAs in past years, firearms- and traffic-related fatalities are two leading causes of law enforcement officer line-of-duty deaths, but both categories showed significant decreases:
- Twenty-five officers were shot and killed during the first six months of the year, compared to 33 during the same period in 2022, a 24% decrease year over year.
- Eleven officers were killed in traffic-related incidents during the first half of 2023, compared to 30 over the same period last year, a 63% decrease.
The “Other” category in NLEOMF’s report, which includes fatal medical events and all other causes besides firearms- and traffic-related deaths, also showed significant decreases in 2023:
- In the first half of 2023, only two officers have been reported as having succumbed to complications from Covid-19, compared to 72 such officers in the same time period in 2022.
- Fourteen additional officers died of other causes during the first half of 2023, compared to 18 similar fatalities last year during this same period.
While even a single line-of-duty death is never good news, the mid-year 2023 data may be a reason for cautious optimism that conditions may be improving for law enforcement officers.
The statistics released in the mid-year report are based on preliminary data compiled by the National Law Enforcement Officers Memorial Fund and may not represent a final or complete list of individual officers who will be added to the National Law Enforcement Officers Memorial in 2024.
Access the full report at nleomf.org/fatalityreport. You can also access many law enforcement safety and wellness resources and past reports on the NLEOMF website.
(Source: NLEOMF)
|
|
|
The Federal Emergency Management Agency’s (FEMA’s) National Integration Center is offering three informational webinars in the next two weeks on the Emergency Operations Center (EOC) Toolkit for state, local, tribal, and territorial (SLTT) community partners.
Each of the three sessions will be a one-hour presentation covering identical information. The webinars will provide participants with an overview of the EOC Toolkit and how to access the EOC Toolkit and associated resources. These resources can assist SLTT community partners in making improvements so that their EOCs adequately address their jurisdiction's specific needs.
Register for any of the following three sessions using the links below:
-
Session 1 - Tuesday, July 18: 10-11 a.m. EDT.
-
Session 2 - Wednesday, July 19: 3-4 p.m. EDT.
-
Session 3 - Tuesday, July 25: 5-6 p.m. EDT.
Learn more and access the EOC Toolkit on FEMA’s website. Please email FEMA-NIMS@fema.dhs.gov with any questions.
(Source: FEMA)
The U.S. Fire Administration (USFA) recently launched a new geospatial application, the Home Fire Fatalities and Social Vulnerability Explorer. The new tool resides within FEMA’s Geospatial Resource Center, where emergency managers, researchers, and other public health and safety professionals can access world-class geospatial information, services, and technologies to prepare for, protect against, respond to, recover from and mitigate against all hazards.
Since 2012, the USFA has collected information on home fire fatalities. USFA compiles this data through a daily internet search of U.S. news media reports and publishes the data for public access in near-real time. This data is used to help raise awareness about the danger of fire and the frequency of home fire deaths.
The new Social Vulnerability Explorer builds on USFA’s existing home fire fatalities data set by combining it with Social Vulnerability Index (SVI) data provided by the Centers for Disease Control and Prevention (CDC) and the Agency for Toxic Substances and Disease Registry (ATSDR). Together, these 2 datasets create a composite index for assessing potential underlying factors that might contribute to home fire fatalities.
The Social Vulnerability Explorer has significantly enhanced the USFA’s original home fire fatalities data set. The information provided within the interactive map can raise awareness of fire risk and vulnerability at the national, state, and county levels. This increased awareness can assist communities in creating targeted efforts to address fire prevention within vulnerable communities and at-risk groups.
You can access the new Home Fire Fatalities and Social Vulnerability Explorer by going to FEMA’s Geospatial Resource Center and selecting “Structure Fire” from the “Hazard Pages” menu. On the “Structure Fire” page, you can access the new Social Vulnerability Explorer along with many other geospatial tools related to fire hazards, including the American Red Cross’s Home Fire Risk Map and a collection of state and local agency maps exploring community structure fire hazards, fire department response times, wildfire risks, hazard mitigation after wildfire disasters, and more.
(Sources: USFA, FEMA, CDC/ATSDR)
The National Volunteer Fire Council (NFVC), in partnership with the Pipeline and Hazardous Materials Safety Administration (PHMSA), is providing 15 hazardous materials train-the-trainer workshops in 2023 and 2024 as part of its Partners in Training (PIT) Crew program.
These workshops are offered at no cost to fire departments and NVFC staff will travel to your agency to deliver the training. Experienced hazardous materials trainers and those new to the field are welcome to participate.
Through the PIT Crew program, the NVFC is making hazardous materials (hazmat) training more accessible to departments around the country. The train-the-trainer aspect magnifies this program’s impact by preparing hazmat trainers to go back to their home departments and regions and spread the knowledge they have attained.
Each train-the-trainer workshop is two days long and must be scheduled over a weekend. Workshops are comprised of several NVFC courses between three and seven hours in length, focused on hazmat safety and response topics. Local agencies may select which courses are delivered in their workshop based on their jurisdiction’s needs. See the NVFC’s PIT Crew course catalog for a complete list. Courses are delivered in person; however, some include a hybrid option or a hands-on component.
The first seven of the 15 workshops have been approved and scheduled. Registration is now open for all seven offerings and there are still spaces available. If one of these workshops is near you, please consider registering to attend:
-
Hamilton, NJ - July 29-30, 2023.
-
Fulton, KY - Aug. 26-27, 2023.
-
Pearisburg, VA - Sept. 30 – Oct. 1, 2023.
-
Potosi, MO - Oct. 7-8, 2023.
-
Mahoning, OH - Oct. 21-22, 2023.
-
Orangeburg, SC - Nov. 4-5, 2023.
The eight remaining workshops will take place between January and September 2024 and have not yet been scheduled. If your agency is interested in having a workshop delivered at your site in 2024, please complete NVFC’s hazmat training application at least three months in advance of your desired training date.
Visit nvfc.org/hazmat to learn more and apply. If you have any questions, please contact Rachel Buczynski, NVFC’s Chief of Training and Education, at rachel@nvfc.org or 202-887-5700.
(Source: NVFC)
|
|
CISA and FBI release cybersecurity advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), Enhanced Monitoring to Detect APT Activity Targeting Outlook Online, to provide guidance to agencies and critical infrastructure organizations on enhancing monitoring in Microsoft Exchange Online environments.
In June 2023, a Federal Civilian Executive Branch (FCEB) agency observed unexpected events in Microsoft 365 (M365) audit logs. After reporting the incident to Microsoft, network defenders deemed the activity malicious. The goal of this CSA is to enhance organizational cybersecurity posture and position organizations to detect similar malicious activity via implementing the listed logging recommendations.
CISA and FBI strongly encourage that FCEB agencies and critical infrastructure organizations ensure Audit Logging is enabled. Note: See CISA’s Microsoft Exchange Online Microsoft 365 Minimum Viable Secure Configuration Baselines. These minimum viable secure configuration baselines are part of CISA’s Secure Cloud Business Applications (SCuBA) project.
(Source: CISA)
CISA and partners release joint cybersecurity advisory on newly identified Truebot malware variants
On July 6, CISA, the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) released a joint Cybersecurity Advisory (CSA), Increased Truebot Activity Infects U.S. and Canada Based Networks, to help organizations detect and protect against newly identified Truebot malware variants. Based on confirmation from open-source reporting and analytical findings of Truebot variants, the four organizations assess cyber threat actors leveraged the malware through phishing campaigns containing malicious redirect hyperlinks.
Additionally, newer versions of Truebot malware allow malicious actors to gain initial access by exploiting a known vulnerability with Netwrix Auditor application (CVE-2022-31199). As recently as May 2023, cyber threat actors used this common vulnerability and exposure to deliver new Truebot malware variants and to collect and exfiltrate information against organizations in the U.S. and Canada.
(Source: CISA)
|
|
New White House cyber implementation plan looks to ramp up resilience
The White House released its long-awaited implementation plan for the national cybersecurity strategy, offering federal agencies a roadmap with specific initiatives and requirements to bolster national security and improve long-term resilience against major cyberattacks.
Senior White House officials described the 57-page plan as a "living document" during a phone call with reporters on Wednesday, saying that the guidance will be updated annually to meet emerging threats targeting the federal government.
The plan features more than 65 "high-impact initiatives," each assigned to a designated agency, that align with the five pillars of the cybersecurity strategy released earlier this year: defending critical infrastructure, disrupting and dismantling threat actors, shaping market forces to drive security and investing in a resilient future.
The plan aims to shift the burden for mitigating cyber risks from ordinary citizens to the most capable and best-positioned entities, like major software providers and private companies, while increasing incentives to favor long-term investments in cybersecurity.
The plan requires:
- CISA to lead public-private partnerships and scale those collaborative efforts to drive the development and adoption of secure-by-design and secure-by-default technologies.
- The Department of Justice to increase the speed and volume of its disruption campaigns targeting cybercriminals and nation-state adversaries.
- CISA to lead a process to update the national cyber incident response plan.
- CISA and the FBI to collaborate to head off ransomware attacks, including pre-attack planning and incident response resources for high-risk targets like hospitals and school systems.
(Source: NextGov)
Three new MOVEit bugs spur CISA warning as more victims report breaches
The federal government warned on Friday that three new vulnerabilities have been discovered in the MOVEit file transfer software — a tool that has been at the center of hundreds of breaches announced over the last month.
CISA reported that Progress Software, the company behind MOVEit Transfer, released a new package of patches to resolve the three bugs, labeled CVE-2023-36932, CVE-2023-36933 and CVE-2023-36934.
These latest issues are the fourth, fifth and sixth problems found in the software since the first vulnerabilities were reported at the end of May. In June, Progress Software announced two additional vulnerabilities alongside the initial bug that was exploited by the Clop ransomware gang.
(Source: The Record)
Number of email-based phishing attacks surges 464%
Phishing is the primary method criminals leverage to unearth login credentials. In the first half of 2023 alone, the number of email-based phishing attacks has surged 464% when compared to 2022. Over the same frame, there has also been a 24% increase in attacks per organization. In the first half of 2023, Acronis-monitored endpoints observed a 15% increase in the number of files and URLs per scanned email.
Cybercriminals have also tapped into the burgeoning large language model (LLM)-based AI market, using platforms to create, automate, scale, and improve new attacks through active learning.
(Source: Help Net Security)
Bay Area city shuts down municipal sites following cyberattack
The City of Hayward, California said it was forced to shut off its website and several online municipal portals in response to a cyberattack. The city has more than 160,000 residents and is about 30 minutes away from Oakland and San Francisco.
On Monday, city officials said they detected a cybersecurity incident and intrusion into its network on Sunday morning. As a precaution, they turned off access to the city’s public website and other services. As of Monday afternoon, the city website is still down.
In another statement on a temporary website, the city said 911, emergency dispatch, police, firefighter and medical services are still operational.
Oakland’s government was paralyzed for weeks after a ransomware incident in February that eventually necessitated help from the California National Guard and other state agencies. The city of Modesto – about an hour and a half away from Oakland – also dealt with a citywide ransomware attack at the same time that forced the police department to revert back to radios.
One month earlier, San Francisco dealt with a ransomware attack on its Bay Area Rapid Transit that later led to the leak of troves of sensitive information from the railway's police force. The San Bernardino County Sheriff's Department struggled with its own cyberattack that they said “involved malware.”
(Source: The Record)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|
