InfoGram
October 4, 2001
NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical infrastructures. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at usfacipc@dhs.gov.
Critical Infrastructure Risk Assessment
The 27 September InfoGram continued the explanation of critical infrastructure protection (CIP) by reporting on the third step in the protection process. It first recalled that identifying critical infrastructures is the first step and that determining whether any of a department's critical infrastructures are threatened is the second step. The same InfoGram explained that the third step is a vulnerability analysis, which requires a thorough examination of the security weaknesses in the threatened infrastructures. When it is established that one or more threatened infrastructures are vulnerable, the CIP practitioner proceeds to the fourth step. A risk assessment (fourth step) involves the comparison of threats and vulnerabilities to determine the potential risk of the degradation or loss of a critical infrastructure.
This assessment will provide a good indication of the negative effects of a vulnerability on fire suppression and rescue missions. An infrastructure that is both threatened and vulnerable is probably at high risk of loss and should be a top priority for protection measures. As a result of this assessment, decision makers can evaluate the cost of protection measures (i.e., countermeasures) in terms of resources (e.g., personnel, time, money, materials) and operational effectiveness against the impact of the loss of that infrastructure on mission accomplishment. For example, pumping stations and water reservoirs have been included on recent threat advisories. Hence, these facilities are threatened, but are they also vulnerable?
Since research reveals that many are vulnerable because of existing security weaknesses, community leaders would be prudent to consider them a high priority for corrective action. Security experts teach that it is acceptable to assume risk for low priority infrastructures, especially when there are high priority entities in need of countermeasures. CIP advocates maintain that the failure to conduct risk assessment can result in the inefficient application of resources and a subsequent reduction in operational effectiveness.
Terrorism Threat Warnings
The New York Times reported that Secretary of Defense Donald H. Rumsfeld expects enemies of the United States to help terrorist groups obtain biological, chemical, and possibly nuclear weapons technology. Other administration officials also warned of the potential spread of biological and chemical weapons, and therefore, the need for stronger antiterrorism measures. Because of the high vulnerability of our nation to such weapons, Senators Bill Frist (R-TN) and Edward Kennedy (D-MA) have urged President Bush to spend $1 billion to immediately upgrade public laboratories, train medical personnel, and pursue new vaccines and therapies.
Additionally, biotechnology and chemical companies are bolstering security to keep potentially deadly products away from terrorists. These companies are performing more stringent checks of their workers as well as anyone entering their facilities. And in a related study, the General Accounting Office cautioned that state and local fire and emergency medical services appear unprepared to deal with a biological or chemical assault, despite the fact they will likely be the first to respond.
In the 27 September InfoGram, the Critical Infrastructure Protection Information Center identified firefighters, EMTs, and their equipment as the first and foremost of the critical infrastructures in the fire and EMS sector. Considering the potential for a nuclear, biological, or chemical attack, department leaders are encouraged to acquire and implement measures and training to protect their most valued assets for occasions when a response is absolutely necessary.
Weakened Medical Infrastructure
Outside a suburban hospital, ambulances bearing seriously ill patients are diverted because the hospital is on "reroute." Consistent with the Emergency Medical Treatment and Active Labor Act, hospitals can turn away ambulances if the facility is filled to capacity. "Many emergency departments are overwhelmed year-round, even at the popular world-class medical institutions." According to a U.S. News & World Report cover story, a national emergency room crisis has hospital personnel dreading the day when the crush and chaos will create the conditions for a fatal mistake. Paramedics are worrying about the emergency calls they are missing while delayed at hospitals because there is no place to unload patients. Everyone is concerned that the delays may be costing lives at a time when a sharply rising number of people are attended to in emergency departments each year.
"The problem is that the supply of care has been choked back between 1994 and 1999." During this five-year period, more than 370 emergency departments across the country disappeared at hospitals that were closed or financially ailing. The number of emergency departments in rural areas dropped by eleven percent, causing the remaining emergency rooms to serve larger volumes of patients. "At the same time, pressure from government and insurers to jettison excess capacity resulted in a radically reduced national hospital capacity and a severely weakened medical infrastructure." Hence, most of the ambulance diversions have nothing to do with emergency departments. "Patients are stuck because there's no place in the regular hospital wards for them to be admitted." This weakened medical infrastructure adversely affects the EMS mission and response times. Such a deplorable situation will ultimately worsen if a locality experiences an incident of mass victimization.
Water Supply Threat Warning
The National Infrastructure Protection Center (NIPC) issued a warning that the nation's water supply could face sabotage. In response to this warning and previous threat advisories, American water companies have heightened security. Some of the larger water utilities have increased patrols at reservoirs, closed access roads, installed barbed wire fences, locked storage tanks, and increased strenuous testing of the water. Although extreme caution is urged, law enforcement officials also stated that "there have not been any specific threats against water supplies." No mention is made of the security status of thousands of water pumping stations throughout the United States.
The Critical Infrastructure Protection Information Center recommends that municipal leaders (including the Fire Chief) proactively consider if local pumping stations are adequately protected from criminal sabotage and tampering.
Seven Simple Computer Security Tips
As a means to moderate the destructive effects of cyberterrorism, the NIPC offers the following seven computer security tips:
- Use strong passwords.
- Make regular backups of critical data.
- Apply virus protection software.
- Utilize a firewall as a gatekeeper between the computer and Internet.
- Do not keep computer online when not in use.
- Do not open email attachments from strangers.
- Regularly download security patches from software vendors.
USFACIPC Weekly Lexicon: Malware
(adapted from the Critical Infrastructure Glossary of Terms by the Critical Infrastructure Assurance Office)
Malicious software including viruses, worms, Trojans, denial of service, and other such attacks. They are sometimes referred to as rogue programs.