View as a webpage / Share

Volume 24 — Issue 24 | June 13, 2024

FBI special report: Law enforcement officers killed and assaulted in the line of duty in 2023

On May 31, the Federal Bureau of Investigation (FBI) released a special report, Officers Killed and Assaulted in the Line of Duty, 2023.

This report contains information about incidents that occurred in 2023 in which law enforcement officers were feloniously or accidentally killed or assaulted in the line of duty. The data comes from the FBI’s Law Enforcement Officers Killed and Assaulted (LEOKA) Data Collection, which contains data voluntary submitted to the FBI by federal, state, local, tribal, territories, and other types of law enforcement agencies.

In 2023, 60 felonious officer deaths, and 79,091 officer assaults were reported to the FBI. These numbers are still considered preliminary and will be finalized when the FBI publishes its official 2023 LEOKA tables within its Crime Data Explorer (CDE) later this year.

The following are a few notable findings from the FBI’s analysis of the 2023 LEOKA data.

• In incidents where officers were feloniously killed, firearms were the most reported weapon, followed by vehicles.
• Officers were assaulted at a rate of 13.2 assaults per 100 officers, which is the highest officer assault rate in the past ten years.
• The number of officers assaulted and injured by firearms reached a ten-year high at approximately 466 officers.
• Over the past 3 years, there has been a slight decline in officer felonious killings; however, over the same time period, the rate of assaults against officers has increased.
• Over the 5-year period between 2019 and 2023, 234 accidental law enforcement officer deaths were reported. About 57% of these accidental deaths were related to motor vehicle crashes, and an overwhelming majority of these occurred while officers were on patrol in a public space, such as a highway, road, alley, or sidewalk.

The goal of the LEOKA Data Collection is to compile and publish information about the nation's officers who were killed or assaulted in the line of duty for the benefit of officer safety and public awareness. Collectively, these statistics provide vital information that can improve awareness of risks to law enforcement officers in the United States.

Read the full report for detailed breakdowns of the 2023 data, including circumstances surrounding accidental deaths and injuries; the types of offenses, locations, weapon types, and other details for felonious deaths and injuries; and trends in the data over the past few years.

(Source: FBI)

Highlights

FBI special report: Law enforcement officers killed and assaulted in the line of duty in 2023

OSHA updates Hazard Communication Standard to better protect workers, first responders

Public Safety Officer Medal of Valor nomination period now open

Webinar: Back to Basics - Enhancing Safety and Performance in the Fire Service

Cyber Threats

The U.S. Fire Administration operates the Emergency Management and Response – Information Sharing and Analysis Center (EMR-ISAC).

For information regarding the EMR-ISAC visit www.usfa.dhs.gov/emr-isac or contact the EMR-ISAC office at: (301) 447-1325 and/or fema-emr-isac@fema.dhs.gov.

OSHA updates Hazard Communication Standard to better protect workers, first responders

On May 20, the Department of Labor announced a final rule to implement a major update to the Occupational Safety and Health Administration’s (OSHA’s) Hazard Communication Standard.

Chemicals in the workplace should carry clear labels and easy-to-understand information about their hazards. OSHA’s Hazard Communication Standard provides a standardized approach to workplace hazard communications associated with exposure to hazardous chemicals. It was established in 1983 and was last updated in 2012 to align with the third revision of the Globally Harmonized System of Classification and Labeling of Chemicals (GHS).

The changes will improve the amount and quality of information on labels, safety data sheets, and small packaging. This will allow workers and first responders to react more quickly in an emergency. The update will also help ensure trade secrets no longer prevent workers and first responders from receiving critical hazard information on safety data sheets.

The 2024 update is aligned primarily with the seventh revision of the GHS. It addresses issues that arose since the implementation of the 2012 standard and improves alignment with other federal agencies and Canada. 

Visit OSHA.gov/hazcom for an overview of these changes, the full text of the final rule, and answers to frequently asked questions about how these changes will impact workers and first responders. The updates take effect on Friday, July 19, 2024.

(Source: OSHA)

Public Safety Officer Medal of Valor nomination period now open

The nomination period is now open for the Public Safety Officer Medal of Valor.

Every day, public safety officers risk their lives to protect America’s citizens and communities. To honor that commitment, Congress passed the Public Safety Officer Medal of Valor Act of 2001. This Act created the highest national award for valor that can be received by a public safety officer. The Bureau of Justice Assistance (BJA) administers the Public Safety Officer Medal of Valor, honoring public safety officers in law enforcement, firefighting, and emergency services who demonstrate extraordinary acts of service to protect human life and ensure community safety.

Nominations for the 2023-2024 Medal of Valor must be submitted or approved by the chief executive officer of the employing agencies and cover events that took place between June 1, 2023, and May 31, 2024.

Learn about former award recipients and review frequently asked questions to help you prepare your nominations. You can also watch a video of the May 17, 2023, Medal of Valor awards ceremony to see the President of the United States honoring the recipients from the 2021-2022 award year. Multiple public safety officers can be nominated for the same event, and individual officers can be nominated for multiple acts of service.

Nominations are being accepted until Wednesday, July 31, 2024, at 5:00 p.m. EDT.

(Source: BJA)

Webinar: Back to Basics - Enhancing Safety and Performance in the Fire Service

The 2024 Firefighter Safety Stand Down will take place next week from June 16 to 22. This year’s theme is “Fire Training: Back to Basics.”

In observance of this year’s Safety Stand Down week, Lexipol is hosting a webinar on Monday, June 17, 2024 at 1 p.m. EDT, Back to Basics: Enhancing Safety and Performance in the Fire Service.

Whether you are looking to reinforce basic skills or integrate advanced safety protocols, this kick-off webinar will equip you with the knowledge and tools needed for leading a safer, more prepared fire service team.

Participants will learn:

• How safety standards were developed and why they exist.
• Why you should never forget what you learned in the academy.
• How to assess your community to improve service delivery.
• How to ensure both physical health and mental health within your organization.

Learn more and register at Lexipol.com. Registration is free. A link to the recording will be provided to registrants after the event.

(Source: Lexipol)

Cyber Incident Assistance

MS-ISAC
SOC@cisecurity.org
1-866-787-4722

IdentityTheft.gov

IC3

Cybercrime Support Network

General Information

StopRansomware.gov

CISA's Known Exploited Vulnerabilities Catalog

FTC scam list

CISA alerts

Law Enforcement Cyber Center

TLP Information

ICS Advisory: Intrado 911 Emergency Gateway

Intrado, a provider of software services to the public safety community, provides a hosted E911 solution that delivers calls to the jurisdictionally appropriate PSAP with detailed caller location information automatically sent to the 911 call taker's screen. Part of this system is an emergency gateway (EGW). Intrado’s 911 Emergency Gateway is an on-premises management appliance that simplifies E911 in complex, multi-vendor unified communications (UC) deployments.

On June 11, the Cybersecurity and Infrastructure Security Agency (CISA) published an Industrial Control System (ICS) Advisory concerning an SQL Injection vulnerability in Intrado’s 911 Emergency Gateway. Successful exploitation of this vulnerability could allow an attacker to execute malicious code, exfiltrate data, or manipulate the database.

CVE-2024-1839 has been assigned to this vulnerability. This vulnerability is rated as critical with a score of 10.0.

Intrado has provided a patch to mitigate the vulnerability. Any EGWs deployed on older revisions will need to be upgraded to the 5.5/5.6 branch to apply the patch. For assistance in obtaining the patch, contact Intrado's technical support group at 1-888-908-4167 or E911Support@intrado.com.

Read CISA’s ICS Advisory to learn more about this vulnerability and additional defensive mitigations.

(Source: CISA)

National Internet Safety Month: This June, take 4 easy steps to stay safe online

The U.S. Senate first designated June as National Internet Safety Month in 2005, primarily to raise awareness of internet dangers and highlight the need for education about online safety, especially among young people. In the years since then, with the rise of smartphones, social media and other new technologies, the amount of time people spend online has grown enormously—as have the risks.

Most of the time, cyberattacks occur due to poor cyber hygiene. Fortunately, there are four simple things we can all do to help protect ourselves and, by extension, others:

1. Use strong passwords.
2. Turn on multifactor authentication (MFA).
3. Update software.
4. Recognize and report phishing.

CISA’s new cybersecurity awareness program Secure Our World provides many resources for improving online safety, such as short how-to videos on the four actions above, tip sheets in 10 languages, and more.

(Source: CISA)

Microsoft, Google pledge 'low cost' cybersecurity services to rural hospitals

Rural hospitals will gain access to cybersecurity services at reduced prices thanks to a new initiative led by Microsoft, Google and the White House.

The Biden administration said on Monday Google will provide endpoint security advice to rural hospitals and nonprofit organizations at no cost and a “pool of funding to support software migration.” Google will also launch a pilot program with rural hospitals to develop a package of security capabilities that fits each hospital’s needs.

Microsoft concurrently announced a program for rural hospitals which will see the tech giant provide “non-profit pricing” and other discounts of up to 75% for security products used by independent critical access hospitals and rural emergency hospitals.

(Source: The Record)

As many as 165 companies ‘potentially exposed’ in Snowflake-related attacks, Mandiant says

As many as 165 organizations may be impacted by data exfiltration attacks targeting customers of the data storage firm Snowflake, Google’s Mandiant said Monday.

As details regarding the operation targeting Snowflake continue to emerge, the incident has already ensnared a slew of major companies — including Ticketmaster, Santander Group, Advance Auto Parts and others — and affected a huge number of individuals, potentially in the hundreds of millions. 

(Source: Cyberscoop)

HC3 Sector Alert: Prevention of Unauthorized Access for Snowflake

On June 2, 2024, Snowflake observed an increase in cyber threats targeting accounts on their cloud data platform. The manufacturer suspects this is due to ongoing, industry-wide, identity-based attacks to access customer data.

Additional research suggests that these attacks use user credentials that are exposed through unrelated cyber incidents. It is not believed that this activity is linked to any vulnerability, misconfiguration, or malicious activity within the Snowflake product, but may be related to CVE-2023- 51662.

The Department of Health and Human Services’ (HHS’) Health Sector Cybersecurity Coordination Center (HC3) strongly encourages all users to review this Threat Alert, and to apply any mitigations to prevent serious damage from occurring to the Healthcare and Public Health (HPH) sector.

(Source: HHS HC3)

Cleveland cyberattack forces government to cut network access

In an update on the social media platform X on Tuesday evening, Cleveland officials said security teams first became aware of “abnormalities” in the city’s IT environment on Monday. After taking “precautionary actions to contain those abnormalities” which involved cutting off access to city systems, the City said it has been busy “investigating the nature and scope of the incident.”

The update also made sure to inform the City’s more than 360,000 residents that all emergency services, including 911 call centers, police and fire departments, as well as EMS services are all operating normally.

Cleveland is Ohio’s second largest city after Columbus, the state capital.

“While it is good that police, fire, and emergency medical services are still functioning in Cleveland, cyber incidents like this have the potential to disrupt public services,” Laundanski pointed out.

(Source: Cyber News)

Drivers could soon see message boards return on Kansas City’s highways

Drivers could soon see real-time information return to message boards across Kansas City metro highways.

The electronic message boards were taken offline after KC Scout was hit by a cyberattack in April which resulted in the loss of traffic cameras and more. For months now, those who wish to navigate Kansas City’s highways have had to find information on both the Missouri Department of Transportation and Kansas Department of Transportation websites.

On Wednesday, June 12, the Missouri Department of Transportation announced that staff celebrated the first successful electronic message board tests. If all testing remains successful, real-time information could return to drivers on Show-Me State roadways within the next week. As of June 12, no further information about the cyberattack, including the root of the attack, has been made available.

(Source: KCTV5 – Kansas City, Missouri)

The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures.

Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.

Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.

Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.