View as a webpage / Share

Volume 24 — Issue 10 | March 7, 2024

Actionable research findings on emergency vehicle lighting and visibility at roadway incidents

The Federal Highway Administration’s National Operations Center of Excellence (NOCoE) hosted a webinar on Feb. 28, where a national expert presented actionable findings from research studies on emergency vehicle lighting and visibility at roadway incidents.

These findings were presented by Dr. John Bullough, Program Director at the Light and Health Research Center at the Icahn School of Medicine at Mount Sinai. The findings come from the results of many studies by Dr. Bullough and colleagues spanning more than a decade at the Light and Health Research Center. The research was sponsored by the National Institute for Occupational Safety and Health, the Emergency Responder Safety Institute and the U.S. Fire Administration (USFA); the National Cooperative Highway Research Program; and SoundOff Signal.

These findings can be used to implement improvements to emergency vehicle lighting as well as improvements to responder and vehicle visibility at roadway incidents.

A summary of the findings:

• Reducing intensity at night will maintain alerting but allow responders to be seen more accurately.
• Just a little steady illumination around the vehicle will make responders much easier to see at night.
• Reflective vehicle markings can sometimes be “too bright” making emergency responders more difficult to see at night.
• “High/low” flashing is better than “on/off” flashing for closure detection.
• Synchronized lights help reduce visual chaos, and sequential lights provide visual information.
• Blue and red lights are rated most visible; blue and white lights are most glaring.

Watch the webinar recording to see Dr. Bullough’s full presentation, which includes explanations and citations to the supporting research for each of the above findings.

This webinar is part of the NOCoE’s Talking TIM webinar series, which provides a forum where Traffic Incident Management (TIM) champions with any level of expertise can exchange information about current practices, programs, and technologies. Register for upcoming webinars in this series to be notified via email about future presentation topics and receive webinar reminders.

(Source: NOCoE)

Highlights

Actionable research findings on emergency vehicle lighting and visibility at roadway incidents

FEMA updates Emergency Operations Center Skillsets, requests input by March 28

CISA webinar for emergency services on Targeted Violence and Terrorism Prevention grants, March 19

2024 Executive Fire Officer and Leadership Symposium and pre-event Gettysburg Staff Ride

Cyber Threats

The U.S. Fire Administration operates the Emergency Management and Response – Information Sharing and Analysis Center (EMR-ISAC).

For information regarding the EMR-ISAC visit www.usfa.dhs.gov/emr-isac or contact the EMR-ISAC office at: (301) 447-1325 and/or fema-emr-isac@fema.dhs.gov.

FEMA updates Emergency Operations Center Skillsets, requests input by March 28

Jurisdictions establish Emergency Operations Centers (EOC) to meet their unique requirements and needs, so no two EOCs are designed the same way. The Federal Emergency Management Agency (FEMA) provides tools and resources for building or maintaining EOCs, in accordance with the National Incident Management System (NIMS).

EOC Skillsets serve as a flexible framework for building the capabilities and qualifications of EOC personnel, allowing EOC leaders to build position qualifications according to their organization’s needs and resources.

FEMA’s National Integration Center (NIC) has just released updated EOC Skillsets for each function and level of responsibility of EOC personnel. Once finalized, this version of the EOC Skillsets will supersede the 2018 version. The NIC is seeking input on the updated EOC Skillsets during a national engagement period that concludes on Thursday, March 28, 2024.

This update is based on best practices related to operations; assessing processes and transitioning; capabilities; infrastructure (technology); personnel; and comprehensive training. The updates incorporate lessons learned related to supporting temporary or extended virtual EOC operations or replacing the typical EOC model with a hybrid/virtual option.

To submit comments, first download the set of updated files [Zip file, 0.9 MB] and the feedback form [Excel file, 23 KB] from FEMA’s NIMS page. Please email the completed feedback form to FEMA-NIMS@fema.dhs.gov.

(Source: FEMA)

CISA webinar for emergency services on Targeted Violence and Terrorism Prevention grants, March 19

The Cybersecurity and Infrastructure Security Agency’s (CISA’s) Emergency Services Sector (ESS) Management Team has partnered with the Department of Homeland Security (DHS), Center for Prevention Programs and Partnerships (CP3) to educate first responders on the Targeted Violence and Terrorism Prevention (TVTP) Grant Program.

CISA and CP3 will host a webinar on Tuesday, March 19, 2024, at 1 p.m. EDT, Targeted Violence and Terrorism Prevention Grant Program. This webinar will discuss how homeland security, public safety, emergency management and emergency response personnel can apply to the TVTP program and how TVTP funds can be used to develop prevention capabilities in their community.

This webinar is part of CISA’s quarterly Emergency Services Sector Resilience Development series. The series is facilitated by CISA’s ESS Management Team and focuses on topics of interest to ESS stakeholders.

No advanced registration is required to join this webinar. To participate, mark your calendar for March 19, 2024, at 1 p.m. EDT and go to CISA’s Homeland Security Information Network (HSIN) Connect Room at the scheduled time to join: https://share.dhs.gov/cisatargetedviolentprogram/. A HSIN account is not required to join; participants may enter the room as a guest.

To learn more about this webinar, see CISA’s downloadable webinar flyer.

For more information or to seek additional help, contact the Emergency Services Sector Management Team at EmergencyServicesSector@cisa.dhs.gov.

(Source: CISA)

2024 Executive Fire Officer and Leadership Symposium and pre-event Gettysburg Staff Ride

The USFA’s National Fire Academy, in partnership with the International Association of Fire Chiefs (IAFC) Executive Fire Officers (EFO) Section, will host its annual Executive Fire Officer and Leadership Symposium on Friday and Saturday, April 5 and 6, 2024, at the National Emergency Training Center (NETC) in Emmitsburg, Maryland.

The IAFC will be independently sponsoring a pre-event Gettysburg Staff Ride on Thursday, April 4, 2024, in conjunction with the conference. The Staff Ride is limited to 45 registrants on a first-come, first-serve basis.

The EFO and Leadership Symposium is an opportunity for current and future leaders in the fire and emergency medical services to hear about outstanding and innovative research by EFO Program students, high-quality presentations from private and public sector representatives, and the latest updates on the EFO Program and curriculum. The event is also an excellent opportunity to network with fellow fire and emergency medical services (EMS) professionals, EFO students and graduates, and USFA staff.

This year’s presenters will cover a wide variety of fire and EMS leadership topics related to mental health; building courage and resilience in leadership; human resources hot topics; diversity, equity, and inclusion; safety and injury reduction; wildland-urban interface risk reduction; and more.

There is no cost to register for the Symposium. Lodging is also provided free of charge if staying on the NETC campus, but space is limited. To register, complete a National Emergency Training Center online admissions application. When prompted to select a course, please select “R0120 Executive Fire Officer Program Symposium.” A FEMA Student Identification number is required to register. After completing the application, your supervisor has 14 days to approve your application before it is considered submitted.

Learn more and register for the 2024 EFO and Leadership Symposium on USFA’s website. Register for the pre-event Gettysburg Staff Ride on IAFC’s website.

(Sources: USFA, IAFC)

Cyber Incident Assistance

MS-ISAC
SOC@cisecurity.org
1-866-787-4722

IdentityTheft.gov

IC3

Cybercrime Support Network

General Information

StopRansomware.gov

CISA's Known Exploited Vulnerabilities Catalog

FTC scam list

CISA alerts

Law Enforcement Cyber Center

TLP Information

CISA and partners release advisory on threat actors exploiting Ivanti Connect Secure and Policy Secure Gateways vulnerabilities

On Feb. 29, CISA, the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC) and international partners released the joint Cybersecurity Advisory Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways.

The advisory describes cyber threat actor exploitation of multiple previously identified Connect Secure and Policy Secure vulnerabilities—namely CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893—which threat actors can exploit in a chain to bypass authentication, craft malicious requests, and execute arbitrary commands with elevated privileges.

The authoring organizations and industry partners have observed persistent targeting of these vulnerabilities by a variety of cyber threat actors. The advisory provides cyber defenders with detection methods and indicators of compromise (IOCs) as well as mitigation guidance to defend against this activity.

All organizations using these devices should assume a sophisticated threat actor could achieve persistence and may lay dormant for a period of time before conducting malicious activity. Organizations are urged to exercise due caution in making appropriate risk decisions when considering a virtual private network (VPN), to include whether to continue operating these Ivanti devices.

(Source: CISA)

NSA releases maturity guidance for the Zero Trust Network and Environment Pillar

On March 5, the National Security Agency (NSA) released a Cybersecurity Information Sheet (CSI) that details curtailing adversarial lateral movement within an organization’s network to access sensitive data and critical systems. The CSI, entitled Advancing Zero Trust Maturity Throughout the Network and Environment Pillar, provides guidance on how to strengthen internal network control and contain network intrusions to a segmented portion of the network using Zero Trust principles.

The network and environment pillar–one of seven pillars that make up the Zero Trust framework–isolates critical resources from unauthorized access by defining network access, controlling network and data flows, segmenting applications and workloads, and using end-to-end encryption.

This guidance expands on NSA’s previously released CSIs, Embracing a Zero Trust Security Model, Advancing Zero Trust Maturity Throughout the User Pillar, and Advancing Zero Trust Maturity Throughout the Device Pillar.

(Source: NSA)

Iranian national charged for multi-year hacking campaign targeting U.S. defense contractors and private sector companies

On Feb. 29, the Justice Department (DOJ) unsealed an indictment charging an Iranian national with involvement in a cyber-enabled campaign to compromise U.S. governmental and private entities.

From at least in or about 2016 through in or about April 2021, the Iranian national and co-conspirators were members of a hacking organization that participated in a coordinated multi-year campaign to conduct and attempt to conduct computer intrusions.

These intrusions targeted more than a dozen U.S. companies and the U.S. Departments of the Treasury and State. The hacking group’s private sector victims were primarily cleared defense contractors, which are companies that support U.S. Department of Defense programs. In addition, the group targeted a New York-based accounting firm and a New York-based hospitality company.

In conducting their hacking campaigns, the group used spear phishing — that is, tricking an email recipient into clicking on a malicious link — to infect victim computers with malware.

In addition to spearphishing, the conspirators utilized social engineering, which involved impersonating others, generally women, in order to obtain the confidence of victims. These social engineering contacts were another means the conspiracy used to deploy malware onto victim computers and compromise those devices and accounts.

(Source: DOJ)

Update to National Cybersecurity Strategy Implementation Plan coming before the end of summer

Cybersecurity professionals can expect fresh reading materials in the coming months from the Office of the National Cyber Director, which aims to issue an update to the National Cybersecurity Strategy Implementation Plan before the summer is over, a White House cyber official said Tuesday.

The implementation plan outlines how the White House will accomplish the goals outlined in the national cybersecurity plan and is supposed to be a “living document” that is updated as initiatives are complete or new initiatives are added. The implementation plan 2.0 is expected “late spring, early summer,” said Brian Scott, deputy assistant national cyber director for cyber policy and programs.

Cybersecurity pros can also expect an update on software liability reform in the next implementation plan release. In its recently released National Cybersecurity Strategy, the Biden administration called on Congress to develop legislation to develop a software liability regime, one that would allow consumer and businesses to sue software makers if they fail to take proper care in designing the security of their tools. Software companies, if the White House has its way, will no longer be able to disclaim liability for the products they produce.

The Biden administration is currently looking at developing a framework around software liability. One aspect of the framework will be exploring how best to implement safe harbor incentives for companies that are developing code using secure methods. Companies that align with those best practices — which are still being explored — are less likely to face legal issues down the road.

(Source: Cyberscoop)

$100 million a day? Cash flow disruptions roil healthcare industry after cyberattack

The economic impact of the Change Healthcare cyberattack continues to come into focus, with experts saying some large industry players — such as hospital and pharmacy networks — are facing disruptions costing upwards of $100 million a day.

The Change Healthcare incident has disrupted the ability of healthcare organizations nationwide to handle insurance filings, particularly for pharmacy operations. The company last published an update publicly on Monday.

The CEO of the Florida Hospital Association has said that revenue problems will probably add up to $1 billion or more just in that state.

On Tuesday, the Department of Health and Human Services said the Centers for Medicare and Medicaid Services (CMS) would be making more information available for providers to receive "accelerated payments."

(Source: The Record)

American Ambulance Association: Summary of Change Healthcare cyberattack and HHS statement

On Feb. 21, 2024, UnitedHealth Group (UHG) disclosed that one of its subsidiaries was the victim of a ransomware attack. According to UHG, the cyberattack was perpetrated against Change Healthcare, an operating unit within UHG’s Optum subsidiary.

On March 5, 2024, the U.S. Department of Health and Human Services issued a statement detailing the steps HHS would be taking to avoid further disruptions to the health care system, which included permitting hospitals to submit requests for Medicare Accelerated Payments, similar to those issued during the early stages of the COVID-19 pandemic; however other providers/suppliers do not seem to have access to this workaround. HHS indicated that its Medicare Administrative Contractors (MACs) would be issuing specific guidance on how to request accelerated payments later this week.

The Potential Impact on EMS Providers

According to various reports, there are approximately 800 payers whose claims routing processes utilize Change Healthcare’s network. This impact may be felt directly, in the case of claims submitted directly by the provider to the payer, or indirectly, in the case of claims submitted through a clearinghouse. 

The American Ambulance Association (AAA) encourages members to contact their clearinghouses to see which payers, if any, are being affected by the system interruption.

Optum has also established temporary alternative funding options. At this point it is unclear whether ambulance providers will be eligible for this alternative funding. Members are encouraged to check the Optum website for further updates. 

(Source: AAA)

The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures.

Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.

Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.

Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.