Infogram
August 26, 2004
NOTE: This INFOGRAM will be distributed weekly to provide members of the emergency management and response sector with information concerning the protection of their critical infrastructures. It has been prepared by NATEK Incorporated for the Emergency Preparedness and Response Directorate. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by e-mail at emr-isac@dhs.gov.
Indicators of Suspicious Activities
As the EMR-ISAC continues to study credible threats to the Emergency Services Sector (ESS) of the nation, concern increases regarding the vulnerability of emergency personnel, physical assets, and communication/cyber systems (i.e., critical infrastructures) to exploitation by domestic or transnational terrorists. Since there have been no reported attacks on the ESS and other sectors since 9/11, security experts fear the possibility of reduced vigilance and complacency within several sectors. They consider this prospect as particularly dangerous during the present period of increased risk lasting through the Presidential Inauguration on January 20, 2005.
To promote the uninterrupted "response-ability" of all emergency departments, the EMR-ISAC collected some current basic indicators for consideration and proactive critical infrastructure protection (CIP) action. In addition to the reminders presented in the 5 August INFOGRAM at (http://www.usfa.dhs.gov/subjects/emr-isac/infograms/ig2004/igaug0504.shtm), possible indicators of suspicious activities may include the following, which is certainly not an exhaustive list:
- Persons filming or photographing emergency personnel, equipment, apparatus, etc.
- Individuals watching and/or noting emergency operations and training.
- People seeking information about plans, operations, equipment, communications, etc.
- Theft of or malicious damage to of department property.
- Unannounced or unscheduled visits by contractors and vendors.
- Unusual visits by suspected disgruntled employees or former employees.
- Violations of communications/cyber security standards and best practices.
Emergency response departments or agencies that experience the above indicators are requested to contact their local law enforcement as well as the National Infrastructure Coordination Center at 202-282-9201, Facsimile: 703-607-4998, E-Mail: nicc@dhs.gov.
Sensitive CIP Notices
The EMR-ISAC primarily exists to promote critical infrastructure protection (CIP) by emergency managers and first responders nationwide. This Information Sharing and Analysis Center (EMR-ISAC) has been energetically advocating CIP through these weekly INFOGRAMs, periodic CIP Bulletins, and, more recently, Sensitive CIP Notices. As discussed in a recent INFOGRAM, the Sensitive CIP Notices are For Official Use Only (FOUO) because they almost always contain emergent, actionable intelligence regarding the threats to and vulnerabilities of the Emergency Services Sector (ESS).
It is important to note here that the Department of Homeland Security (DHS) through its Federal Emergency Management Agency (FEMA) component requires the EMR-ISAC to expedite Sensitive CIP Notices to the ESS senior leadership for their attention and action: police/fire/EMS department chiefs, deputy/assistant chiefs (second-in-command), fire marshals, and emergency managers. Within DHS and FEMA there is a tremendous sense of urgency about the sharing of these documents because the contents will potentially affect the plans and operations of emergency managers and responders.
Again, the EMR-ISAC must encourage ESS senior leaders to ensure they are properly registered and subscribed on the DisasterHelp.gov website to receive Sensitive CIP information when periodically published. It is absolutely "need-to-know" decision-making information that can be obtained by completing a brief online application at https://disasterhelp.gov/usfacip.html.
Please contact the EMR-ISAC at 301-447-1325 or at emr-isac@dhs.gov if you desire clarification about this vital information sharing initiative.
Two Useful Documents
The EMR-ISAC reviewed two documents and found content within each applicable to the critical infrastructure protection activities of the Emergency Services Sector and the citizens served by sector organizations. Sector personnel interested in learning more about disaster response and preparedness can view these documents at the following links:
- ASIS Disaster Preparation Guide: http://www.asisonline.org/newsroom/crisisResponse/disaster.pdf
- Occupational Safety and Health Administration (OSHA) Principal Emergency Response and Preparedness Requirements and Guidance: http://www.osha.gov/Publications/osha3122.pdf
Operations Security for Public Safety Agencies
The primary mission of the Interagency Operations Security Support Staff (IOSS) is to act as a consultant to departments and agencies, providing technical assistance that will result in self-sufficient operations security (OPSEC) programs throughout American government and society to protect U.S. operations. The IOSS staff supports the National OPSEC Program through multimedia products, tailored training, and the presentation of activities and events that attract attendees from the security, intelligence, research and development, acquisition, and public safety communities. The IOSS promulgates a process that can be used to deny adversaries the critical information they need to plan actions against the operations of national critical infrastructures.
To order a DVD or VHS copy of the presentation entitled "Operations Security for Public Safety Agencies," visit the IOSS website at www.ioss.gov or send an e-mail to ioss@radium.ncsc.mil, for fax your request to 443-479-4669.
FAIR USE NOTICE
This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.
Reporting Notice
DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by e-mail at NOC.Fusion@dhs.gov.
The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm
For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by e-mail at NICC@dhs.gov.
When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
Weekly INFOGRAM's are now available as an RSS Feed. More Information »
This is an archived historical document.
U.S. Fire Administration, 16825 S. Seton Ave., Emmitsburg, MD 21727
(301) 447-1000 Fax: (301) 447-1346 Admissions Fax: (301) 447-1441