|
Volume 25 — Issue 7 | February 20, 2025 |
|
|
Over the past decade, first responders have begun integrating small unmanned aerial systems (UAS), or drones, as a resource for a variety of operational needs, such as search and rescue, firefighting, and post incident reconstruction.
UAS provide first responders with an aerial view of their environment and can be outfitted with various sensors tailored to different applications.
In 2020, the Department of Defense’s (DOD’s) Defense Innovation Unit (DIU) started a project called Blue UAS, which rapidly vets and scales commercial UAS technology for the DOD. The DIU continues to maintain a Blue UAS Cleared List of approved drones that are validated as cyber-secure and safe to fly for DOD missions.
In 2024, the National Urban Security Technology Laboratory (NUSTL), part of the Department of Homeland Security (DHS) Science and Technology Directorate (S&T), released a focus group report, Blue UAS for First Responders, which documented assessment criteria and use cases that could be used to evaluate DOD’s Blue UAS for use in civilian public safety missions.
On Feb. 10, NUSTL released its Blue UAS for First Responders Market Survey Report. The report is based on information gathered from manufacturer and vendor websites, and internet research. NUSTL identified 17 products ranging in price from $12,995 to $120,000.
The purpose of this market survey is to provide guidance for emergency response agencies making operational and procurement decisions. Agencies should consider overall capabilities, technical specifications, limitations of, and policies related to UAS in relation to their agency’s operational needs when making equipment selections.
Learn more and access the report in DHS S&T’s System Assessment and Validation for Emergency Responders (SAVER) Document Library.
(Source: DHS S&T)
|
|
|
Earlier this month, the Joint Task Force on EMS Response Staffing Configurations - a collaborative of national emergency medical services (EMS) organizations - published a white paper, Rethinking Emergency Medical Services: Applying Evidence and Data to Redesign Response Models for a Resilient and Sustainable Future.
The 7-page paper provides recommendations that are based on patient outcome data from peer-reviewed studies analyzing the impact of response times and EMS staffing levels. By incorporating this research, the guidelines offer evidence-based strategies to improve patient care while optimizing resources.
The white paper recognizes that the current EMS model prioritizes short response times and ALS staffing. It cites recent evidence-based research indicating that response times have minimal impact on patient outcomes in most cases, with only 6.9% of EMS patients requiring potentially life-saving interventions. The ongoing staffing crisis underscores the need for a more sustainable, data-driven approach to system design.
The white paper was released by the National Association of Emergency Medical Technicians (NAEMT). The Task Force included representation from NAEMT, the Academy of International Mobile Healthcare Integration (AIMHI), the International Academies of Emergency Dispatch, the International Association of Fire Chiefs, the International Association of Fire Fighters, the National Association of Emergency Medical Technicians, the National Association of EMS Physicians, the National Association of State EMS Officials, and the National Registry of Emergency Medical Technicians.
Access the white paper at NAEMT.org.
(Sources: NAEMT, AIMHI, EMS1, JEMS)
Last month, the Department of the Attorney General of Hawaii (DOAG) released its Phase Three report on the Lahaina fire, which devastated the town of Lahaina in Maui County, Hawaii, in August 2023.
The Lahaina Fire Forward-Looking Report (Phase Three) is the product of an independent analysis conducted by the Fire Safety Research Institute (FSRI), part of UL Research Institutes.
Phase Three organizes the findings from the Lahaina Fire Comprehensive Timeline Report (Phase One) and Lahaina Fire Incident Analysis Report (Phase Two) and prioritizes a list of action items the state and all counties can use to make improvements to Hawaii’s future preparation for and response to wildfires, including recommendations on how to address each priority.
The report also includes guidance for each county fire department to complete a Community Risk Assessment, Community Risk Reduction plan, and a Standards of Cover analysis. Each of these components are in progress and FSRI has provided the state and counties with guidance documents.
Among the highest priority items cited in Phase Three are to staff an Office of the State Fire Marshal and engage state agencies in addressing the Phase Two findings and recommendations.
Learn more at FSRI.org.
(Source: FSRI)
The Environmental Protection Agency (EPA) will host a webinar on Wednesday, March 12, from 2-4 p.m. EST, Lithium-ion Battery Challenges and Best Practices.
This two-hour webinar will present the current best practices, and primary challenges, for responding to lithium-ion (Li-ion) battery fires. The course will cover the basics of Li-ion batteries and their unique hazards; types of incidents that may be encountered; and transportation and disposal challenges during remediation of a battery incident.
This webinar is part of the EPA’s Tribal Oil Spill Prevention and Chemical Emergency Preparedness Webinar series. These webinars are a free resource for tribal partners interested in understanding the implementation of oil spill prevention and chemical emergency preparedness regulations on tribal lands.
Visit the Tribal Oil Spill Prevention and Chemical Emergency Preparedness Webinars web page for more information on how to attend the webinar.
(Source: EPA)
|
|
Connected Communities Initiative IoT Device Risk and Mitigation Infographic
On Feb. 12, the Cybersecurity and Infrastructure Security Agency (CISA) released the Connected Communities Initiative Internet of Things (IoT) Device Risk and Mitigation Infographic. IoT devices used within connected community networks often provide greater efficiency and cost-effectiveness for municipal infrastructure services. However, the increasing use of IoT and the collection of data make connected communities an attractive target for malicious actors. Vulnerabilities within IoT devices and systems could grant unauthorized access to these ecosystems, allowing lateral movement across interconnected critical infrastructure networks. Compromise of IoT devices and systems provides malicious actors with the ability to steal sensitive data and disrupt services or critical processes, resulting in significant impacts throughout connected community critical infrastructure systems.
The infographic highlights risks to connected communities from common interconnected IoT devices and groups the devices by IoT architecture, including the perception, transport, and application layers. Additionally, the infographic identifies mitigation recommendations to limit the risk posed by IoT devices used by a connected community. State, local, tribal, and territorial decision makers can utilize the infographic to visualize interconnected IoT related risks and implement risk mitigation measures.
For more information on CISA’s work to help mitigate risk posed to connected communities, visit Connected Communities.
(Source: CISA)
|
|
CISA and partners release advisory on Ghost (Cring) ransomware
On Feb. 19, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released a joint Cybersecurity Advisory, #StopRansomware: Ghost (Cring) Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with Ghost ransomware activity identified through FBI investigations.
Ghost actors conduct these widespread attacks targeting and compromising organizations with outdated versions of software and firmware on their internet facing services. These malicious ransomware actors are known to use publicly available code to exploit Common Vulnerabilities and Exposures (CVEs) where available patches have not been applied to gain access to internet facing servers.
(Source: CISA)
StateRAMP to rebrand later this year
The nationwide nonprofit that authorizes cloud service cybersecurity for state government use will rebrand later this year, the group’s executive director exclusively told Route Fifty this week.
The State Risk and Authorization Management Program, known as StateRAMP, will rebrand itself to “GovRAMP” to better reflect that the voluntary program can be used by local governments, educational institutions, hospitals and others, Leah McGrath said. An official announcement of the rebrand, which the board approved in December, is expected in February.
One of its biggest recent initiatives has been around cyber framework harmonization, which streamlines the patchwork of rules and guidelines issued by various government agencies that businesses and the public sector must then comply with. Federal regulations on cybersecurity are set by myriad agencies, which all have different auditing requirements and a web of standards to follow that sometimes vary.
(Source: Route Fifty)
CIS Year in Review 2024
The Center for Internet Security® (CIS®) released its CIS Year in Review 2024 on Feb. 13. The report summarizes CIS’ activities during the year, which included publication of two seminal reports:
CIS continued to play a pivotal role in supporting the cybersecurity posture of the U.S. State, Local, Tribal, and Territorial (SLTT) community in 2024, which included helping the nation address increased threats during the 2024 General Election.
CIS built an effective intelligence clearinghouse with law enforcement agencies across the country that became the basis for informing the election and law enforcement communities.
Read the CIS Year in Review 2024 report to get the full story.
(Source: CIS)
RansomHub claims two recent ransomware attacks on US government entities
Over the weekend, RansomHub added two US government entities to its data leak site — the City of Tarrant and Sault Ste. Marie Tribe of Chippewa Indians. In the case of Tarrant, it alleges to have stolen 28 GB of data, while a purported 119 GB has been stolen from the Sault Tribe. Both of these government organizations confirmed ransomware attacks earlier this month.
In the City of Tarrant, Alabama, systems were taken offline on Monday, February 10. The attack originated in the police department’s systems, which coincides with RansomHub’s proof pack. It contains a police incident report, a crime victim’s compensation form, an officer’s monthly report, and a traffic crash report.
The city did confirm it wouldn’t meet the hacker’s demands and that it would continue operating as normal. Systems were taken offline, however, which meant police had to resort to pen and paper.
(Source: Comparitech)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
|
Fair Use Notice:
This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement:
The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice:
Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|
