August 17, 2006 Infogram

This INFOGRAM will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by e-mail at emr-isac@dhs.gov.

EMR-ISAC Goals

For over five years, the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) attempted to inform the leaders, owners, and operators of Emergency Services Sector (ESS) organizations regarding critical infrastructure protection (CIP). The EMR-ISAC goals were to enhance survivability, continuity, and response-ability for the hazardous and unpredictable circumstances in which ESS personnel perform their duties.

The National Strategy for Homeland Security, National Infrastructure Protection Plan, and current domestic and international state of affairs necessitate that the EMR-ISAC adjusts its goals to meet the CIP needs of emergency departments and agencies. Therefore, through expedient and efficient information collection, analysis, and dissemination, the EMR-ISAC will endeavor to accomplish the following additional goals during the remainder of this year and into the next:

Promote awareness of the threats to and vulnerabilities of ESS critical infrastructures.
Encourage ESS prevention and protection activities for man-made and natural disasters.
Facilitate collaboration among ESS disciplines via user-friendly portals within the Homeland Security Information Network (HSIN).
Coordinate with the National Infrastructure Coordinating Center and other ISACs to maintain situational awareness and learn the probable effects of national and international incidents.

Individuals in ESS leadership positions who are NOT registered in DisasterHelp.gov and subscribed to receive the CIP (FOUO) Notices and these INFOGRAMs should contact the EMR-ISAC at emr-isac@dhs.gov or at 301-447-1325. Ensure your emergency department or agency will benefit from the EMR-ISAC goals and its FREE services.

E-Crime: An ESS Problem?

According to the Electronic Crime Watch Survey conducted by the United States Secret Service (USSS) and the CERT Coordination Center at Carnegie Mellon University, over 20 percent of the cases with identified subjects were perpetrated by insiders of the organization. Consequently, the researchers concluded that "the threat of a cyber attack from insiders is real and substantial." These specialists discovered that "insider attacks have occurred across all infrastructure sectors, causing significant disruption to affected organizations."

The destructive acts ranged from "low-tech" attacks, such as fraud or theft of proprietary information, to technically sophisticated crimes that incapacitated the agency. Damages are not only financial but can also seriously disrupt the organization's essential services and ruin its reputation. For example, the computer network in a Florida city was recently incapacitated for a few days and countless files were deleted by an Internet virus introduced by local first responders. "Inappropriate Internet usage resulted in a virus that fried the city's computer network," said a local news report.

Insiders have an advantage because they can frequently bypass physical and technical security measures (e.g., firewalls, intrusion detection systems) designed to prevent unauthorized external access. "Not only are insiders aware of the policies, procedures, and technology used in their departments, but they are often aware of the vulnerabilities, such as loosely enforced policies and procedures or exploitable technical flaws in the networks or systems."

Insiders can be stopped through a layered defense strategy consisting of policies, procedures, and technical controls that are taught to all personnel and supported by consistent and rigid enforcement. The USSS and CERT Coordination Center allege that use of widely accepted best practices for information security could have prevented many of the insider attacks examined in the E-Crime Watch Survey. Avoid a potential degradation of the ESS cyber infrastructure, and the subsequent reduction in essential tasks by learning more about cyber protection evaluations and practices. Visit the CERT's website at http://www.cert.org/nav/index_green.html.

CEDAP Grants for GIS Software and Training

The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) recommends Emergency Services Sector (ESS) departments and agencies apply immediately for the more than $32 million to be awarded by the Department of Homeland Security for the Commercial Equipment Direct Acquisition Program (CEDAP).

CEDAP provides smaller communities and rural areas with technology and equipment, together with training and technical assistance, to help enhance first responder capabilities. The funds provide geographic information system (GIS) software and training to emergency first responders who demonstrate in their applications that the equipment will be used to improve their ability to work with other responders or their ability and capacity to respond to a major critical incident.

The GIS software package provides a set of tools applicable to the missions and goals expected of responders under the National Response Plan, National Incident Management System, and other DHS mandates. The package contains basic GIS software (i.e., ArcGIS, ArcView, and ArcGIS Spatial Analyst) and two Virtual Campus training courses. The software will enable geographic data visualization, query, analysis, and integration with the ability to create and edit geographic data. It also facilitates modeling of potential disasters and damage assessment.

GIS can integrate threat data with geographic data, quickly analyzing potential threats and their proximity to vulnerable critical infrastructures. It produces a visual representation of a community's critical infrastructures and relationship to other important locations for the development of buffer zone protection plans, whether simple or complex. The system also assists in plan development, risk assessment, damage assessment, and supports incident command and management. For any given critical asset, GIS additionally enables visual display of such information as demographics, economic impact, national strategic importance, and environmental impact.

The EMR-ISAC considers GIS software and training important tools to aid in critical infrastructure protection activities, and encourages ESS organizations to contact Marj Dougherty, grant coordinator, at 208-286-0220, e-mail grantcoord@esri.com for more information. Online applications must be completed no later than September 22, 2006.

Army Chemical Education Resource for ESS

To ensure that all Emergency Services Sector (ESS) organizations are aware of life-saving training and education resources to bolster their critical infrastructure activities, the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) offers its findings regarding the Chemical Casualty Care Division (CCCD) of the U.S. Army Medical Research Institute of Chemical Defense (USAMRICD).

The CCCD is staffed by physicians and other military and civilian personnel whose mission is to implement an education program for medical professionals, and a training program for first responders in the management of chemical agent casualties. The Division's courses are offered on site, off site, and through distance learning. Many of the courses are eligible for continuing education credit.

Some of the programs are interactive multimedia online courses in which users of the website can elect to be tested on computer-based training subjects. Most of the supporting educational products (e.g., textbooks, articles, and videos) can be used online or download at no charge. In-house courses, offered primarily in Maryland, require fees for non-Army employees.

These educational courses are patient oriented, but the EMR-ISAC understands that there may be critical infrastructure protection value for emergency medical services (EMS) personnel providing treatment. Interested EMS individuals can explore CCCD's educational opportunities by visiting https://ccc.apgea.army.mil/default.htm and completing the user registration information.

FAIR USE NOTICE

This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.

Reporting Notice

DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by e-mail at NOC.Fusion@dhs.gov.

The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm

For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by e-mail at NICC@dhs.gov.

When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.

Weekly INFOGRAM's are now available as an RSS Feed. More Information »