Volume 23 — Issue 41 | October 12, 2023
Firefighters are at significant risk of injury or death when fighting fires in strip malls. Strip mall fires are low-frequency, high-risk incidents due to a variety of construction features, which can result in limited entry and egress, high heat release rate, fuel loading, maze-like conditions, and high entanglement potential. Operating in occupancies with a high volume of merchandise and furnishings in zero visibility creates additional hazards; firefighters can become disoriented and lose directional awareness.
To minimize these risks, the National Institute for Occupational Safety and Health (NIOSH) has released a Workplace Solutions bulletin with recommended precautions that fire departments should take. The bulletin, Preventing Deaths and Injuries to Firefighters Working at Strip Mall Fires, first characterizes the risks to firefighters at strip mall fires. It then outlines considerations for developing the correct strategy and an effective incident action plan.
The bulletin then reviews a case study where a volunteer firefighter died while fighting a fire in a strip mall in North Carolina on April 30, 2016. This case study describes multiple challenges encountered during this incident, providing support for many of the recommendations. In addition to the 2016 case study, these recommendations are informed by several other NIOSH investigations into firefighter line-of-duty deaths at strip mall fires, conducted through its Fire Fighter Fatality Investigation and Prevention Program (FFFIPP).
The final section describes precautions that fire departments can take pre-incident, during the incident, and post-incident to minimize risks of fighting strip mall fires.
Key fire service community organizations, including the International Association of Fire Fighters, International Association of Fire Chiefs, United States Fire Administration, Underwriters Laboratories Fire Safety Research Institute, and the National Volunteer Fire Council, supported this effort.
As part of the Centers for Disease Control and Prevention, NIOSH is the federal agency responsible for conducting research and making recommendations to prevent work-related illnesses and injuries. All Workplace Solutions documents are based on research studies that show how worker exposures to hazardous agents or activities can be significantly reduced.
Access the new Workplace Solutions bulletin on NIOSH’s website.
(Source: NIOSH)
Emergency services and public safety agencies can help to ensure the safety and security of faith-based communities within their areas of responsibility. This can be done not just by responding to the emergency, but also through collaborative planning, training, and building community partnerships.
The White House’s Office of Faith Based and Neighborhood Partnerships, established in 2021, leads the federal Centers for Faith-Based and Neighborhood Partnerships across the executive branch of the federal government in its comprehensive effort to enlist, equip, enable, empower, and expand the work of community-serving organizations, both faith-based and secular. In September 2023, the White House published Allied Against Hate: A Toolkit for Faith Communities. This toolkit describes practical steps faith communities can take to prevent acts of hate, discrimination, and bias, and to demonstrate solidarity with targeted communities if such acts tragically do occur.
On Oct. 10, DHS published a consolidated list of resources and information for faith and community leaders regarding the situation in Israel. DHS highlights its If You See Something, Say Something® Campaign Resources and its recently launched Prevention Resource Finder. Many additional resources can be accessed via the DHS Center for Faith-Based and Neighborhood Partnerships at dhs.gov/faith.
The Federal Emergency Management Agency (FEMA) provides many resources for emergency managers. These include FEMA’s Guide for Developing High-Quality Emergency Operations Plans for Houses of Worship and the U.S. Fire Administration’s resources on Protecting Houses of Worship Against Arson. Additional resources from FEMA are available at fema.gov/faith.
The Cybersecurity and Infrastructure Security Agency (CISA) provides resources that assist houses of worship in securing physical and cyber infrastructure. Earlier this year, CISA published Protecting Places of Worship: Six Steps to Enhance Security against Targeted Violence. This fact sheet is an excellent quick reference to the six overarching steps that faith-based organizations and community leaders can take to increase security. CISA and the Federal Bureau of Investigation (FBI) just released a companion document to the “Six Steps” in September 2023, Protecting Houses of Worship: Perimeter Security Considerations Infographic. This infographic outlines low- to no-cost solutions to help implement suggested practices in the “Six Steps” and highlights ways to identify funding for security improvements. Information about all of CISA’s resources and services is accessible via its Protecting Houses of Worship page. Local law enforcement and physical security professionals may benefit from consulting these resources when conducting outreach or planning with their community’s faith-based organizations.
The Department of Justice (DOJ) developed Safeguarding Houses of Worship, which guides local law enforcement agencies in working with institutions to evaluate security needs and develop security and safety plans. This resource is available to public safety officials upon request.
The Office of the Director of National Intelligence (ODNI), National Counterterrorism Center (NCTC) provides resources for first responders through its First Responders’ Toolbox series. The First Responder’s Toolbox, Threats Against Houses of Worship Highlight the Importance of Religious Community Outreach, can help emergency response agencies to enhance communication, coordination, and training among stakeholder agencies to improve security protocols, increase awareness of suspicious activity indicators, and ultimately improve the ability to prevent, detect, deter, and disrupt potential plots.
(Sources: White House, DHS, FEMA, USFA, CISA, DOJ, ODNI)
On Sept. 27, the Wildland Fire Mitigation and Management Commission announced the release of its final report, On Fire: The Report of the Wildland Fire Mitigation and Management Commission.
The report outlines a comprehensive, consensus-based set of recommendations to Congress to address the nation’s wildfire crisis. The 148 recommendations in the report are centered around seven key themes:
- Urgent New Approaches to address the wildfire crisis.
- Supporting Collaboration to improve partner involvement at every scale.
- Shifting from Reactive to Proactive in planning for, mitigating and recovering from fire.
- Enabling Beneficial Fire to reduce the risk of catastrophic wildfire.
- Supporting and Expanding the Workforce to hire and retain the wildland firefighting staff needed to address the crisis.
- Modernizing Tools for Informed Decision-making to better leverage available technology and information.
- Investing in Resilience through increased spending now to reduce costs in the long run.
Taken together, these recommendations are intended to help lead the nation toward a different relationship and experience with wildfire.
The Commission, created by President Biden’s Bipartisan Infrastructure Law and announced in December 2021, was charged with making recommendations to Congress to improve federal policies related to the mitigation, suppression and management of wildland fires in the United States, and the rehabilitation of land devastated by wildland fires. The commission is co-chaired by the Department of the Interior, Department of Agriculture, and Federal Emergency Management Agency. The 50 commission members have a broad range of expertise with wildfire, including firefighting, prescribed fire, cultural burning, watershed restoration, pre-fire mitigation, research, public health, post-fire recovery and more.
For more information, visit the commission website or email wildlandfirecommission@usda.gov.
(Sources: USDA, DOI, FEMA, USFA)
FEMA’s Emergency Management Institute (EMI) has released the schedule for its fiscal year (FY) 2024 Virtual Tabletop Exercise (VTTX) Program. Those interested can now apply for VTTX offerings in the first half of FY2024; the second half will be covered in another training announcement later in the year.
EMI’s VTTX training is designed to leverage the “whole community” concept, with 10 to 15 representatives from participants’ local Emergency Management Community of Practice. A local Community of Practice may include federal, state, local, tribal and territorial (FSLTT) emergency management organizations, private sector organizations, higher learning/education-based facilities, healthcare organizations, or Voluntary Organizations Active in Disaster (VOAD). For this reason, organizations are encouraged to apply for a VTTX training as a Community of Practice group of at least five participants.
VTTX training is designed to engage the participants in a no-fault, hazard-specific exercise discussion. Each VTTX is four hours in length and will consist of:
- Three discussion modules.
- Local discussion with guided questions led by an onsite facilitator.
- Plenary brief-outs from each participating location after each module.
- 10–15 participating locations (agencies) per broadcast.
For the first half of 2024, simulated disaster scenarios will incorporate:
- Natural disasters and severe weather events such as high winds, flooding, tornados, and wildfires.
- Man-made threats, including an active shooter, hazardous materials release, and a bridge collapse.
- A large-scale power outage.
- A mass gathering incident.
- A cybersecurity incident.
Facilitation of the exercise will occur via an online platform from EMI and will need to be complemented by a dedicated local agency facilitator at each participating site. The participating location must provide a person capable of facilitating the onsite portion of this discussion-based exercise. The VTTX will be supported by an Exercise and Coordination Facilitation Guide, which will include all required logistical information (room layout, connection instructions, etc.), as well as facilitation and hot wash instructions.
EMI’s FY2024 VTTX EMIGram provides the complete schedule for the first half of FY2024, course series description, and instructions for how to apply.
(Source: FEMA)
HC3: Sector Alert - Critical Vulnerability in Cisco Emergency Responder Platform
Cisco recently released an update that fixes a critical vulnerability in its Emergency Responder communications platform, a system that is used in the health sector. Exploitation of this vulnerability allows a cyberattacker to completely compromise a vulnerable system and then use it to launch further attacks across an enterprise network.
The vulnerable software, Cisco Emergency Responder, is a component of the Unified Communications Manager platform and includes the following functionality:
- Emergency Call Routing – This includes calls to public safety personnel as well as other emergency services; these services can be extended to cellular and VOIP phones.
- Database Management – Emergency Responder operates and maintains structured data repositories that record phone locations, calls, the nature of each call, and similar data.
- Location Tracking – Leveraging those database capabilities, Emergency Responder can track the locations of stationary (especially VOIP) and mobile phones to facilitate improved response times.
- Alerts/Notifications – Emergency Responder has the ability to relay priority traffic to selected individuals and groups regarding data, such as the location of the caller and the nature of the emergency.
Cisco Emergency Responder (CER) is designed to help organizations respond promptly and effectively to emergencies by providing accurate location information and instant, accurate routing of emergency calls and communications.
On Oct. 4, 2023, Cisco released a security advisory regarding a vulnerability in their Emergency Responder platform. Exploitation of this vulnerability can allow an unauthenticated, remote attacker to access the system as root (administrative privileges) and execute arbitrary commands. This vulnerability is tracked as CVE-2023-20101, is rated critical and has a CVSS score of 9.8 out of 10.
Read the full Sector Alert from the Department of Health and Human Services (HHS) Health Sector Cybersecurity Coordination Center (HC3) for more information and mitigation guidance.
(Source: HHS HC3)
NSA and CISA release advisory on top ten cybersecurity misconfigurations
On Oct. 5, the National Security Agency (NSA) and CISA released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which describes the most common cybersecurity misconfigurations in large organizations and details the tactics, techniques, and procedures (TTPs) actors use to exploit them.
The misconfigurations in the CSA illustrate a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and highlight the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders. Read the blog post by CISA's Executive Assistant Director on the "Urgency for Software Manufacturers to Incorporate Secure by Design Principles."
Additionally, NSA and CISA encourage organizations to review the joint CSA for recommended steps and best practices to reduce the risk of malicious actors exploiting the identified misconfigurations. For more information on secure-by-design principles, visit Secure by Design and Security-by-Design and -Default.
(Source: CISA)
FBI and CISA release update on AvosLocker advisory
On Oct. 11, the FBI and CISA released a joint Cybersecurity Advisory (CSA), #StopRansomware: AvosLocker Ransomware (Update) to disseminate known indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with the AvosLocker variant identified through FBI investigations as recently as May 2023.
This release updates the March 17, 2022 joint CSA, Indicators of Compromise Associated with AvosLocker ransomware, released by FBI, CISA, and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN). This update includes IOCs and TTPs not included in the previous advisory and a YARA rule developed after analyzing a tool associated with an AvosLocker compromise.
(Source: CISA)
Genetics firm 23andMe says user data stolen in credential stuffing attack
23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack. 23andMe is a U.S. biotechnology and genomics firm offering genetic testing services to customers who send a saliva sample to its labs and get back an ancestry and genetic predispositions report.
Recently, a threat actor leaked samples of data that was allegedly stolen from a genetics firm and, a few days later, offered to sell data packs belonging to 23andMe customers. The initial data leak was limited, with the threat actor releasing 1 million lines of data for Ashkenazi people. However, on October 4, the threat actor offered to sell data profiles in bulk for $1-$10 per 23andMe account, depending on how many were purchased.
A 23andMe spokesperson confirmed the data is legitimate and told BleepingComputer that the threat actors used exposed credentials from other breaches to access 23andMe accounts and steal the sensitive data.
(Source: Bleeping Computer)
UK opposition leader targeted by AI-generated fake audio smear
An audio clip posted to social media on Sunday, purporting to show Britain’s opposition leader Keir Starmer verbally abusing his staff, has been debunked as being AI-generated by private-sector and British government analysis.
The audio of Keir Starmer was posted on X (formerly Twitter) by a pseudonymous account on Sunday morning, the opening day of the Labour Party conference in Liverpool. The account asserted that the clip, which has now been viewed more than 1.4 million times, was genuine, and that its authenticity had been corroborated by a sound engineer.
Recorded Future News understands an analysis of the audio file by the British government confirmed it to be fake. Authorities in the U.K. are bracing for this kind of interference ahead of the country’s general election next year, in the wake of similar attempts to influence the recent elections in Slovakia.
As reported by Wired, as an audio post the fake also “exploited a loophole in Meta’s manipulated-media policy, which dictates only faked videos — where a person has been edited to say words they never said — go against its rules.”
(Source: The Record)
Caesars Entertainment says social engineering attack behind August breach
Caesars Entertainment confirmed that a social engineering attack beginning in mid-August led to the theft of data from members of its customer rewards program, according to a filing with the Maine attorney general’s office.
The social-engineering attack on an outsourced IT support vendor resulted in unauthorized access on Aug. 18 and led to a data breach on Aug. 23, according to information in the Friday filing. The company said the breach was discovered Sept. 7.
Caesars paid millions of dollars to the Scattered Spider threat group after it hacked the company and threatened to release company data, Bloomberg reported on Sept. 13.
The disclosure came just one day after MGM Resorts disclosed a cyberattack with the Maine attorney general’s office. Security researchers say MGM Resorts was attacked by the same threat groups using similar methods as the Caesars Entertainment attack. MGM Resorts disclosed it would take a $100 million financial hit from the attack, which severely impacted room occupancy, gaming operations and entertainment at its Las Vegas properties.
(Source: Cybersecurity Dive)
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures.
Fair Use Notice: This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement: The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice: Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.