|
Volume 23 — Issue 39 | September 28, 2023 |
|
|
Wildland firefighter exposure to smoke has been associated with acute health effects, such as declines in lung function and increases in inflammation, and possible chronic health effects, such as lung cancer and cardiovascular disease.
New research on wildland firefighter inhalation exposures was published last month as part of the National Institute of Occupational Health’s (NIOSH’s) two-year Wildland Firefighter Exposure and Health Effects (WFFEHE) Study, conducted in partnership with the U.S. Forest Service and U.S. Department of the Interior.
This research describes the results of a mid-season exposure assessment to characterize wildland firefighters’ exposure to air contaminants while conducting operations at a wildfire incident.
Samples for this exposure assessment were collected over three days in August 2019 during the Cove Creek Fire at the Salmon Challis National Forest in east-central Idaho. An Interagency Hotshot Crew (IHC) of 19 federally employed wildland firefighters participated in the study.
The sample size for this assessment was small, so findings cannot be generalized to all wildland firefighters. However, the assessment was informative because repeated measures were taken while the crewmembers performed a variety of tasks and roles, including preparing firelines, conducting a firing operation to create a fuel break, and conducting mop up operations. The samples taken during these activities provided insights into the specific activities that contributed to firefighters’ exposures.
To learn more about this assessment, see the full article published in the October 2023 issue of Annals of Work Exposures and Health.
To learn more about the broader WFFEHE Study, check out the 5-minute video overview from the Wildland Fire Lessons Learned Center (WFLLC), filmed on site with the crewmembers who participated in the study. A detailed description of the WFFEHE Study’s rationale, design, and methods was published in Annals of Work Exposures and Health in 2022. NIOSH will update its webpage for the WFFEHE study as additional findings are published.
(Sources: NIOSH, WFLLC)
|
|
|
The Department of Homeland Security (DHS) published its 2024 Homeland Threat Assessment (HTA) this month. It synthesizes insights from across DHS, the Intelligence Community, and other critical homeland security stakeholders. The HTA provides the public and homeland security partners with in-depth information on the most direct, pressing threats to the Homeland over the next year.
The 38-page report is organized into four sections: public safety and security, border and immigration security, critical infrastructure security, and economic security.
In its press release, DHS highlights the following threats identified in the 2024 HTA:
- Violence from individuals radicalized in the United States, mainly seen through lone offenders or small group attacks that occur with little warning.
- Complex border and immigration security challenges.
- The supply of illicit fentanyl will likely continue to increase, along with variations in fentanyl production that continue to increase its lethality.
- Cyber and Artificial Intelligence (AI) tools as likely to be used by foreign actors to bolster their malign influence campaigns, with the goal of undermining trust in government institutions, social cohesion, and democratic processes in the United States.
- Adverse nation-states are expected to continue to use predatory economic practices, espionage, and cyber-attacks intended to harm the U.S. economy.
The 2024 HTA is a product of the DHS Intelligence Enterprise, which is led by the DHS Office of Intelligence and Analysis in partnership with the heads of DHS components.
Until now, DHS has issued updates on the terrorism threat level through the National Threat Advisory System (NTAS). However, with the release of this year’s HTA, DHS announced that in the future, the annual HTA will be the primary mechanism for sharing the terrorism threat level. DHS will still issue NTAS advisories, but these will be reserved for situations where DHS needs to alert the public about a specific or imminent terrorist threat or about a change in the terrorism threat level.
Access the 2024 HTA on DHS.gov.
(Source: DHS)
The DHS Science and Technology Directorate (S&T) just released a reference aid on the latest SARS-COV-2 variants of interest, Supplemental Reference for SARS-CoV-2 Omicron Subvariants Eris and Fornax.
These two Omicron subvariants, Eris (EG.5) and Fornax (FL.1.5.1), have significantly increased in circulation recently. The latest data on variant proportions from the Centers for Disease Control and Prevention (CDC) estimate that these two variants currently account for the largest proportion of new COVID cases, with Eris accounting for 24.5% of new cases and Fornax accounting for about 13.7% as of mid-September 2023.
The information in this 3-page reference is intended to quickly present the current state of available information to government decision makers in the operational response to COVID-19. The document provides the latest available information about the rate of spread, genomics as compared with previous variants, transmissibility, effectiveness of current vaccines, protective immunity, medical treatments, and symptoms.
This Supplemental Reference builds on the information in DHS S&T’s comprehensive COVID-19 Master Question List (MQL), which was first released at the beginning of the COVID-19 pandemic and was last updated in July 2023. It also builds on the information in DHS S&T’s first supplement on the original Omicron variant, which was released in December 2021 when the Omicron variant first emerged as the dominant strain in the United States.
This family of COVID-19 reference aids from DHS S&T are rigorously cited to current scientific research and the latest guidance. Access the new supplemental reference on Eris and Fornax and all related documents on DHS S&T’s website.
(Source: DHS S&T, CDC)
The U.S. Fire Administration (USFA) will hold its annual Summit on Fire Prevention and Control on Tuesday, Oct. 10, 2023, from 9:30 a.m. to 5:30 p.m. EDT. This is the U.S. Fire Administrator’s exclusive event that provides access to the top leaders and decision makers in the industry.
The event will be held in a hybrid format with the option to attend virtually or in person at the National Emergency Training Center (NETC) in Emmitsburg, Maryland.
The morning agenda includes roundtable listening sessions and testimonies from national fire service leaders, followed by discussions with the Commissioner of the City of Philadelphia Fire Department and the Deputy Assistant Chief of the Fire Department of the City of New York.
The afternoon is packed with information on the state of science for the fire service, covering emerging technologies, climate change, innovations in fire-based emergency medical services, firefighter health and safety, data and technology, and community engagement.
Whether attending in person or virtually, everyone must register for the Summit through the NETC’s registration system. To start your registration, you will need your FEMA SID. If you do not have a FEMA SID number or have forgotten your number, go to the FEMA Student Identification System website to obtain your FEMA SID before you register.
Visit USFA’s website to access the full agenda, speaker information, and instructions for registering. Follow USFA on Twitter for updates on the #USFASummit event activities and to stay informed about USFA’s work.
(Source: USFA)
|
|
CISA and FEMA open the application process for the Tribal Cybersecurity Grant Program
On Sept. 27, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) announced the opening of the application process for $18.2 million available through the Tribal Cybersecurity Grant Program (TCGP) to help tribal governments address cybersecurity risks and threats. With the release of a Notice of Funding Opportunity, applicants have until January 10, 2024 to apply for a grant, which can be used to fund new or existing cybersecurity programs.
The cyber grant program is an innovative program established by the State and Local Cybersecurity Improvement Act, part of the Bipartisan Infrastructure Law, to help address the unique challenges Tribal governments face when defending against cyber threats. Digital threats impacting Native American and Alaska Native tribes are increasing in frequency and complexity. This program will help provide needed resources to Tribal groups, which sometimes lack or cannot easily access the assets to help them address these dangers.
For more information and helpful resources on the Tribal Cybersecurity Grant Program, visit CISA’s webpage at www.cisa.gov/cyber-grants or FEMA’s webpage at Tribal Homeland Security Grant Program | FEMA.gov.
(Source: CISA)
|
|
CISA, NSA, FBI and Japan release advisory warning of BlackTech, PRC-linked cyber activity
On Sept. 27, CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), Japan National Police Agency (NPA), and Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) published a Joint Cybersecurity Advisory (CSA) about malicious activity by People’s Republic of China (PRC)-linked cyber actors known as BlackTech, which have demonstrated capabilities to modify router firmware without detection and exploit routers’ domain-trust relationships. The authoring agencies have observed PRC-linked cyber actors leveraging this exploitation of routers to pivot from global subsidiary companies to corporate headquarter networks in the U.S. and Japan.
BlackTech actors have targeted government, industrial, technology, media, electronics, telecommunication, and defense industrial base sectors. These actors are targeting Windows, Linux, and FreeBSD operating systems using remote access tools (RATs) and several different custom malware payloads, such as BendyBear, FakeDead, and FlagPro, along with using living off the land technique to evade detection and blend in with normal operations and activities and appear legitimate.
With partners in the NSA, FBI, and Government of Japan, CISA urges critical infrastructure and private sector organizations to apply the recommended mitigations in this advisory, AA23-270A: People's Republic of China-Linked Cyber Actors Hide in Router Firmware.
For more information on the PRC cyber threat, see the CSA People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices and visit China Cyber Threat Overview and Advisories.
(Source: CISA)
FBI: Two or more ransomware variants impacting the same victims and data destruction trends
As of July 2023, the FBI noted two trends emerging across the ransomware environment and is releasing this notification for industry awareness. These new trends included multiple ransomware attacks on the same victim in close date proximity and new data destruction tactics in ransomware attacks.
During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal. In early 2022, multiple ransomware groups increased use of custom data theft, wiper tools, and malware to pressure victims to negotiate. Second ransomware attacks against an already compromised system could significantly harm victim entities.
For mitigation and reporting recommendations, read the full Private Industry Notification from the FBI’s Internet Crime Complaint Center (IC3).
(Source: FBI IC3)
U.S. cities have a staggering problem of Kia and Hyundai thefts. This data shows it.
Cities around the U.S. are facing a staggering new normal when it comes to stolen cars. Chicago consistently has more than 2,000, an average of 86 cars stolen every single day. Denver rarely had more than 800 stolen cars in a month before 2021. Now it usually has more than 1,000. Atlanta usually had less than 250 per month before 2022. This year, it has doubled.
The thefts are centered around two car brands: Kia and Hyundai. From 2011 to 2021, Kia and Hyundai manufactured many of their cars without engine immobilizers, a basic anti-theft device that costs about $100 to manufacture into a car and prevents them from being hot-wired.
To better understand the scale and impact of the Kia and Hyundai thefts, Motherboard asked the police departments for the 100 most populous cities in the U.S. for car theft data and filed public records requests with the cities that either declined to provide it or didn’t respond. So far, Motherboard has received complete data from 20 cities, with additional data from several others.
(Source: Vice)
Dallas: Royal ransomware gang infiltrated networks weeks before striking
The city of Dallas, Texas published its 31-page After-Action Report last week, outlining what happened before, during and after the ransomware attack crippled critical systems used by the city’s police, firefighters, hospitals and government officials.
The hackers — part of the Royal ransomware gang — first infiltrated government systems on April 7 and immediately began surveillance operations. They used a government service account to pivot into the city’s infrastructure and deploy remote management tools. From April 7 to May 2, the hackers exfiltrated nearly 1.17 terabytes of data and prepared themselves to deploy the ransomware, which they did the following morning.
The city noted officials focused on restoring critical systems like the Public Safety Computer-Aided Dispatch, which was brought down during the attack and caused police and ambulances to go to the wrong location multiple times for days.
In addition to internal and external cybersecurity assistance, the city called on federal law enforcement agencies like the FBI and Cybersecurity and Infrastructure Security Agency (CISA) to help recover from the incident. In total, the Dallas City Council approved a budget of $8.5 million for restoration efforts and city officials said it is likely they will not need additional funds. The city’s IT team dedicated nearly 40,000 hours to dealing with the ransomware attack.
(Source: The Record)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|
