|
Volume 25 — Issue 5 | February 6, 2025 |
|
|
Charging stations capable of supplying power to multiple electric vehicles (EVs) at once are primarily available along major highways, but they are becoming more available in public parking garages and workplace parking lots.
The Department of Transportation (DOT) defines these types of EV charging stations as direct current fast-charging (DCFC), with very high electric potential ranging from 400 to 1000 volts.
When an emergency occurs at one of these stations, responders need a quick means to disconnect power to mitigate the emergency safely. However, many responders are neither trained nor equipped to operate in extreme electrical hazard areas, especially if these areas do not have a readily accessible electrical disconnect.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) recently announced progress toward changing the National Fire Protection Association’s National Electric Code (NFPA 70) to add requirements for emergency disconnects on EV charging stations.
A task group comprised of experts from S&T’s Big City Fire Working Group (BCF) and its National Urban Security Technology Laboratory (NUSTL) was formed in 2023 to recommend language to address the need and propose changes to the code.
The final step in the process to revise the National Electrical Code will take place in June 2025, when a Technical Committee will vote to approve the language for inclusion in the 2026 version of NFPA 70.
In addition to DCFC’s, the DOT defines two additional EV charging speeds – Level 1 and Level 2. Level 1 chargers are the most common and can operate through a common residential 120-volt AC outlet.
Although Level 1 and Level 2 charging equipment operates at lower voltage than DCFCs, installing and operating these chargers properly is still critical to lowering risk of fire or electric shock. The U.S. Fire Administration (USFA) provides safety messages and an Electric Vehicle Charging Safety Tips sheet that you can share with EV owners in your community.
Learn more about S&T’s project to update the National Electrical Code and enhance DCFC charging station safety in its Jan. 16 Feature Article. Visit the National Highway Transportation Safety Administration’s (NHTSA’s) website for more information on EV battery charging safety and how to locate public charging stations in your area.
(Sources: DHS S&T, NFPA, USFA, DOT, NHTSA)
|
|
|
According to an analysis by the New York Times, in the three weeks following the Apalachee (Georgia) High School shooting that claimed the lives of two students and two teachers, more than 700 children and teens were arrested for allegedly communicating threats against schools in at least 45 states. There were indications that law enforcement officers had contacted the alleged Apalachee school shooter in May 2023 - prior to the shooting - to investigate allegations that he had posted school threats to social media. Their investigation was inconclusive.
Determining whether threats of school violence are credible and imminent can be challenging for law enforcement.
The Department of Justice’s (DOJ’s) Office of Community Oriented Policing (COPS Office) recently published a guidance document, the Preliminary Law Enforcement Investigation Checklist: Threat of Imminent School Violence.
The checklist was developed to simplify the complex inquiry required to determine whether a threat of school violence is credible. The checklist is based on guidance from the U.S. Secret Service, National Threat Assessment Center. It was developed with funding from the COPS Office through a grant to the National Association of School Resource Officers (NASRO).
Patrol and school resource officers are encouraged to review this guidance along with the Additional Notes and Considerations, which describe action steps to take, depending on the outcome of your investigation.
Read the feature article in latest issue of the COPS Office’s Community Policing Dispatch to learn more about this resource.
This checklist is designated Law Enforcement Sensitive. To request an electronic copy, please contact the COPS Office Response Center at AskCOPSRC@usdoj.gov.
(Source: DOJ COPS Office)
The Department of Transportation’s (DOT’s) Pipeline and Hazardous Safety Administration (PHMSA) issued a safety advisory on Jan. 13, Unsafe Cylinders Being Sold Online by Major Retailers to Consumers and HVAC Contractors.
PHMSA issued this advisory to bring attention to unauthorized cylinders being filled with hazardous materials and transported in commerce in support of a business operation, which could cause significant damage to property, physical injury, or death. PHMSA has found several instances of empty cylinders being sold to consumers, shippers, and heating, ventilation, and air conditioning (HVAC) personnel and service technicians that were not manufactured to a DOT specification or UN standard and lack certification markings.
Read the full safety advisory at PHMSA.gov
(Source: PHMSA)
The Federal Emergency Management Agency (FEMA) will host a series of weekly Lunch and Learn webinars every Thursday, beginning February 20 and concluding on March 6.
These sessions will focus on FEMA's updated Radiological Emergency Preparedness Program Manual, which provides planning and assessment guidance for state, local, Tribal Nations and territorial partners located near commercial nuclear power plants.
Each webinar will cover a different topic:
- Overview of the Radiological Emergency Preparedness Program Manual, Thursday, Feb. 20, 1-2 p.m. EST.
- Flexibilities in the Protective Action Guides Manual, Thursday, Feb. 27, 1-2 p.m. EST.
- Hurricane Florence Impacts and the Radiological Emergency Preparedness Program, Thursday, March 6, 1-2 p.m. EST.
- An Overview of the FEMA Technological Hazards Division's Radiological Emergency Preparedness Program, Thursday, March 13, 1-2 p.m. EST.
Visit FEMA’s Radiological Emergency Preparedness page to learn more about the program, including training opportunities, the standard operating guide, reference library, after-action reports and the national public information map.
(Source: FEMA)
|
|
Guidance and strategies to protect network edge devices
On Feb. 4, the Cybersecurity and Infrastructure Security Agency (CISA) highlighted the release of a set of guidance documents from international cybersecurity authorities on protecting network edge devices.
This guidance is intended to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers, and internet-facing operational technology (OT) systems.
The guidance includes:
(Source: CISA)
New victims of citywide cyberattack discovered in Columbus Division of Fire records breach
Nearly seven months after a citywide cyberattack led to hundreds of thousands of private citizens’ information being leaked, the city has discovered more individuals who are impacted.
The database that was involved in the cyberattack included emergency dispatch and other records. A small number of records included brief notes about emergency medical services that were provided. The city discovered the Division of Fire database contained data that could be considered PHI on Dec. 12, 2024. The database was then reviewed and analyzed to find the individuals whose PHI was released.
(Source: WBNS Columbus)
|
|
The Economics of Cybersecurity Decision-Making
On Feb. 4, the Center for Internet Security (CIS) released Episode 121 of its “Cybersecurity Where You Are” podcast. The episode, The Economics of Cybersecurity Decision-Making, discusses the role of economics in cyber risk quantification and cybersecurity decision-making.
Highlights include:
- How incentives, market failures, and other economic principles intersect with cybersecurity.
- A model of translating shared information as a way to capture complexity in cybersecurity decision-making.
- Pressing issues when making decisions about cybersecurity.
- How to have enough confidence and a cyber risk quantification model that's useful.
- How rigorous recommendations can help to match modeling and techniques like minimization.
- The role of the Board in making cybersecurity decisions and how to speak its language.
(Source: CIS)
Ransomware payments decline 35% as victims resist demands
Ransomware payments fell by 35% year-over-year in 2024 amid a growing refusal by victims to pay demands, according to a new Chainalysis report.
Ransomware groups received approximately $813.55m in extortion payments from victims last year, which compares to a record $1.25bn in 2023. Notably, in the first half of 2024, ransomware revenues were 2.38% higher than compared to H1 2023. However, payment activity slowed significantly in H2 2024.
A major factor in the fall in ransomware payments appears to be a growing refusal of victims to pay.
(Source: Infosecurity Magazine)
DeepSeek: The countries and agencies that have banned the AI company’s tech
DeepSeek, the Chinese AI company, is raising the ire of regulators around the world. DeepSeek’s viral AI models and chatbot apps have been banned by a growing number of countries and government bodies, which have expressed concerns over DeepSeek’s ethics, privacy, and security practices.
Governments that have banned DeepSeek so far include Italy, Taiwan, U.S. Congress, Texas, U.S. Navy, the Pentagon, and NASA.
Corporations have banned DeepSeek, too — by the hundreds. The biggest worry reportedly is potential data leakage to the Chinese government. According to DeepSeek’s privacy policy, the company stores all user data in China, where local laws mandate organizations to share data with intelligence officials upon request.
(Source: TechCrunch)
Map reveals cyberattack risk for all 50 states
A new map has revealed the cyberattack risk for thousands of county governments across all 50 U.S. states.
Developed by researchers from the University of Maryland, the map reveals that risk is heightened in California and the Southeastern U.S.—particularly Florida and Virginia.
As the researchers explain, state and federal governments cannot control the cybersecurity measures adopted by individual municipalities. They can, however, incentivize enhanced security via grants, with the team hoping that their findings will help authorities prioritize such investments.
According to the Center for Internet Security, malware attacks on state and local governments have more than doubled between 2022 and 2023.
The study collected data on 42,735 Internet-facing devices and 51,487 open network ports across 3,095 local governments—representing 98 percent of all U.S. counties. Having assessed the potential points of entry and vulnerabilities an attacker could exploit, the research team plotted their data into a "heat map" of cybersecurity risk.
The team recently briefed the National Governors Association about their findings and are reaching out to 19 counties which they say need to take immediate action.
(Source: Newsweek)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|
