Infogram

February 12, 2004

NOTE: This INFOGRAM will be distributed weekly to provide members of the emergency management and response sector with information concerning the protection of their critical infrastructures. It has been prepared by NATEK Incorporated for the Emergency Preparedness and Response Directorate. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by e-mail at emr-isac@dhs.gov.

Incident Response Preparedness

The recent ricin discoveries are grievous reminders that America's fire and emergency medical personnel may be called upon to participate in similar or identical response and recovery efforts. This possibility should cause a reexamination of preparedness by the emergency services for chemical and biological incidents.

In order to ensure the critical infrastructure protection (CIP) of engaged first response organizations, specialists at the U.S. Fire Administration (USFA) and the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) offer the following questions for consideration by department chief officers:

Has the organization thoroughly considered, planned, and rehearsed how it would respond?
Does the department have the necessary response and recovery equipment?
Has the organization conducted the appropriate training in entry and decontamination?
Has the department participated in joint agency exercises for these events?
Does the organization need assistance from external sources that can be fixed in a mutual aid agreement?
Has the department efficiently coordinated with its stakeholders for these incidents?
Do organization plans include procedures to develop an Incident Command Team and, when necessary, a Unified Command Team?
Does the department have measures to protect internal critical infrastructure during response and recovery operations?

For additional suggestions or assistance, contact Mr. Wayne Yoder, USFA HAZMAT specialist, at 301-447-1090, or at wayne.yoder@dhs.gov.

Promoting CIP Activities

Located at the National Emergency Training Center (NETC), Emmitsburg, MD, the EMR-ISAC offers many advantages to the emergency management and response (EMR) sector, which it exits to serve with timely, relevant critical infrastructure protection information. The EMR-ISAC has an abundance of quality resources available to assist with the needs of sector members (i.e., emergency managers, firefighters, emergency medical technicians, and paramedics). For example, it has access to the Emergency Management Institute, National Fire Academy, NETC Learning Resource Center, and the National Fire Programs. Also available for consultation are specialists in the areas of emergency management, firefighting, emergency medicine, hazardous materials, response, mitigation, etc. There are several instances when these resources have made a favorable difference in the ability of the EMR-ISAC to address CIP issues and recommend realistic, constructive actions.

In recent consultation with many of the specialists at NETC, the EMR-ISAC obtained a consensus view of the actions most deserving of the attention of EMR sector leaders during this relatively new calendar year. To promote CIP by emergency managers and first responders nationwide, they recommend the following significant leadership activities as time and resources permit:

Learn and practice the CIP process to ensure the all-hazards protection of only what really needs protection.
Periodically assess the knowledge, skills, and abilities of all department personnel and acquire education and training to correct any shortcomings.
Frequently evaluate the operating condition of all apparatus, equipment, and communication systems and obtain upgrades to correct deficiencies.
Strengthen key relationships with other agencies (e.g., law enforcement, public health and safety, public utilities, medical departments, mass transportation, emergency communications, etc.) that could bolster the protection of department critical infrastructures and mission accomplishment.

Al Qaeda Threat Update

The Washington Post reported on 11 February that al Qaeda terrorists are currently operating through "sleeper cells" scattered throughout the United States. The report indicates that, according to law enforcement authorities, "the terrorist group continues to recruit new members, assist in the acquisition of safe houses and equipment, conduct pre-attack surveillance, and relay messages from terrorist leaders and planners." Officials believe the organization also continues to raise millions of dollars through a vast network of American-based bogus charities and foundations, which are used to finance numerous activities such as terrorist training camps.

Discovered al Qaeda plans revealed that the terrorists train to execute multiple events to destroy critical infrastructures, permanently ruin the U.S. economy, and completely demoralize American citizens. Therefore, the message for first responders is that they must be prepared for a myriad of threats, including chemical, biological, radiological, nuclear, and explosive materials and devices. Furthermore, fire/EMS personnel will be confronted with fire, falling debris, explosions, burning fuel, collapsing structures, heat stress, exhaustion, respiratory irritants, and more, in addition to hazardous materials.

Obviously, all-hazards mitigation, preparedness, response, and recovery activities will necessitate the expenditure of precious, limited time and resources. However, the EMR-ISAC submits that all dedicated and valiant efforts may be degraded, or in vain, unless the responder's critical infrastructures are protected at all times during these operations. Protecting the organization's critical infrastructures will go far to enhance mission assurance-the bottom line.

US-CERT Cyber Security Tip

Computer security experts from Carnegie Mellon University published another cyber security tip about passwords because of continuing problems inside and outside of government offices at all levels and in all parts of the country. Their report indicates that there is still too much apathy about passwords and, therefore, too many intrusions causing denial of service and other difficulties.

Passwords are a common form of authentication and are often the only barrier between a user and personal or sensitive operational information. There are several programs attackers can use to help guess or "crack" passwords, but by choosing good passwords and keeping them confidential, individuals and professionals can make it more difficult for an unauthorized person to access private information or an organization's proprietary data. US-CERT writes: "An attack is not specifically about an individual or office e-mail account, but about using the access to private or sensitive information to launch a larger cyber or physical attack."

One of the best ways to protect information, personnel, and physical property is to ensure that only authorized people have access to the information contained in computers. Verifying that someone is the person they claim to be is the next step, and this authentication process is even more important, and more challenging, in the cyber world. "Passwords are the most common means of authentication, but if you don't choose good passwords or keep them confidential, they're almost as ineffective as not having any password at all." For more information or assistance, send e-mail to security-tips@us-cert.gov.

FAIR USE NOTICE

This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.

Reporting Notice

DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by e-mail at NOC.Fusion@dhs.gov.

The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm

For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by e-mail at NICC@dhs.gov.

When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.

Weekly INFOGRAM's are now available as an RSS Feed. More Information »