InfoGram

July 26, 2001

NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical infrastructures. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at usfacipc@dhs.gov.

9-1-1 Wireless Service

The National Emergency Number Association (NENA) estimated that of the 150 million calls to 9-1-1 in 2000, at least 30 percent were made by wireless telephone users. NENA anticipates that the majority of calls will be from wireless callers by 2005. However, it is presently the case that when 9-1-1 calls are made from wireless phones, the call may not be routed to the closest public safety answering point (PSAP). Additionally, the call taker does not receive the callback phone number or the location of the caller. This presents life threatening problems due to lost response time. "Too often callers are unable to speak, do not know where they are, or do not know their wireless phone callback number." Therefore, efforts are ongoing to provide better emergency response service to wireless 9-1-1 callers. When the first improvement phase is fully implemented, a wireless 9-1-1 call will come into the PSAP with the wireless phone callback number. "This is important in the event the cell phone call is dropped, but still does not help call takers locate emergency victims or callers." The second improvement phase allows call takers to receive both the callers' wireless phone number and their location information. According to the Association of Public-Safety Communications Officials (APCO), this second phase must be implemented by local 9-1-1 systems and wireless carriers by 1 October 2001. APCO reports that as 1 October approaches, wireless carriers are beginning to file waiver requests with the Federal Communications Commission. "The waiver requests are based upon a variety of factors, including handset and equipment development, air interface deployment, and technical testing of location determination technology."

More About Wireless Service

"Although public-safety workers are increasingly using up-to-date devices, they are still hampered by low bandwidth, spotty access, and fragile hardware," federal officials said at the 23 July Technology Excellence in Government seminar. Not only do cellular phone companies need to improve their geographic coverage, but they should also provide priority access to public-safety workers, said Mr. Chris Lewis, a telecommunications specialist. "In the rare cases when disaster specialists are called to an area where the cellular systems are still working, they often cannot get through to their home offices because the systems are overloaded." Mr. Lewis works closely with the National Interagency Fire Center, through which the U.S. Interior and Agriculture Departments collaborate to assist state and local firefighters in battling large forest blazes. Noting that firefighters often drop or bump their traditional two-way radio units, he indicated nearly half of the 400 strong Park Police now carries digital phones which provide text messaging. "But officers still need to carry traditional two-way radios to communicate from so-called dead spots in cellular coverage." A Government Computer News article reported that by a joint effort of the Justice and Treasury Departments, the Public Safety Wireless Network has developed a detailed roadmap describing how police and fire officials can lay the groundwork for new wireless deployments.

New Cybercrime Units

According to the National Infrastructure Protection Center (NIPC), U.S. Attorney General John Ashcroft announced the creation of ten "specialized prosecutorial units" designed to help crack down on Internet crime. The new cybercrime units will be located in nine U.S. cities in addition to San Francisco, where the concept was pioneered and proven effective. The other cities are Los Angeles, San Diego, Seattle, Brooklyn, New York City, Dallas, Boston, Atlanta, and Alexandria in Virginia. The "Computer Hacking and Intellectual Property" (CHIP) units will consist of special teams of attorneys trained to prosecute people on charges of computer intrusions and hacking, electronic copyright violations, fraud, trademark violations, theft of computers and trade secrets, and economic espionage. Attorney General Ashcroft said "these new teams will prosecute vigorously those responsible for cybercrime." He continued that as a result we hope to reinforce the message to would-be criminals that there are no free passes in cyberspace. "Crimes will be investigated and criminals will be prosecuted to the fullest extent of the law." The work of the CHIP units intends to erase the perception of lawlessness that computer crime creates.

NIPC Advisory

The National Infrastructure Protection Center (NIPC) issued an advisory regarding the "Ida Code Red Worm." NIPC considers this a significant threat and reports that the activity of the worm has the potential to degrade services running on the Internet. Therefore, any web server running the Microsoft IIS versions 4.0 or 5.0 that is not patched is susceptible to a "buffer overflow" in the Idq.dll. Such will permit the attackers to run embedded code on the affected system. Once active on a system, this memory resident worm attempts to spread itself by creating a sequence of random IP addresses to infect unprotected web servers. Upon successful infection, the worm will connect to the www.whitehouse.gov domain.

SirCam Worm

According to CNET News.com, SirCam is a malicious program currently in circulation with characteristics of a worm, virus, and "Trojan horse." This is so because it has a self-propagating piece of destructive code like a worm. It is a malicious program that attaches itself to other files like a virus. And it poses as a harmless file like a "Trojan horse." All SirCam messages arrive with an attachment and an email subject line that are different for every message. "That is because each time the SirCam worm infects a computer, it randomly plucks a document from that computer and sends itself out with the document attached - drawing the email subject line and the name of the attachment itself from the title of the pilfered document. The main threat posed by the worm is possible security breaches from its propagation method. By attaching randomly chosen documents to itself, the worm could share confidential information with others. If you believe you may have received an infected message, then immediately delete the message and check to see if your PC is infected.

USFACIPC Weekly Lexicon: Gateway

An interface between networks that translates among dissimilarities and facilitates compatibility (linkage) by adapting transmission speeds, protocols, codes, or security measures.