InfoGram

This page may contain links to non-U.S. government websites. What this means to you »

February 28, 2002

NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical information systems. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at usfacipc@fema.gov.

A New/Old Infrastructure Threat

Threats to critical infrastructures typically come from three different sources: people, nature, and HazMat accidents. Nature threats are generated by hurricanes, tornadoes, earthquakes, floods, and wildfires. However, prevailing climatic conditions in many parts of the United States have yielded a new/old threat to critical infrastructures characterized by excessively dry surface conditions and low water supplies-the drought.

A drought has been announced at numerous American localities after an unusually long period of dry weather since last summer, and forecasts of continued dry conditions for this coming spring. Water reservoirs and river basins at many locations are more than 50 percent below normal levels. As a result of severely reduced water levels, regional officials are reminding citizens of the importance of water conservation. Some of them have already enforced strict water restrictions.

The significant lack of rain and snow, tinder-dry conditions, and unseasonably warm weather means that fire hazards increase at the same time that water supplies decrease. Obviously, droughts are not good news for firefighters and community leaders because they directly jeopardize a critical infrastructure: the water availability for fire suppression. Additionally, the fires caused by droughts endanger private property and public buildings, some of which may be critical infrastructures necessary for the continuity of operations.

Given the unfavorable extended forecast of seriously limited precipitation, the CIPIC advises that local emergency planning committees (LEPCs) in affected areas develop drought contingency plans. An example of a contingency plan template can be accessed in the State of Pennsylvania website at the following URL: http://www.dep.state.pa.us/dep/subject/hotopics/drought/

Wildfires: Threat to Family Infrastructures

The 14 February InfoGram discussed how wildfires are a threat to critical infrastructures. The 21 February InfoGram offered recommendations on how to protect the family infrastructure. Since then, the CIPIC examined how wildfires can be deterred from threatening homes, which are the basic family infrastructure.

Because of the drought conditions mentioned above, the potential for wildland fires is presently at dangerously elevated levels in several regions of the United States. Unfortunately, there is high risk of fire losses in the affected areas of the nation. Clearly, fire departments at these locations must be ready to conduct emergency evacuations and fire suppression. Furthermore, firefighters can provide an outstanding example by implementing and promoting the following basic suggestions, which were amended from a National Fire Protection Association checklist:

Emergency Preparedness and Critical Infrastructure Protection

Emergency preparedness, the centerpiece of national homeland security according to Homeland Security Director Tom Ridge, relies heavily on the readiness of police, firefighters, paramedics, and hospital personnel to respond to disasters. Recognizing the dependence of preparedness on emergency first responders, several municipalities have recently rewritten their disaster response plans and conducted disaster training drills. Those cities that have already revised their plans and conducted exercises are truly a step ahead in the preparedness business.

Whereas emergency preparedness is mainly about a community's readiness to respond to a disaster, critical infrastructure protection (CIP) is focused on preventing the degradation of essential assets by that same or any disaster. The CIPIC proposes that there is a considerable difference between preparedness and protection. The extremely important and necessary labors of emergency preparedness are reactive in nature. Again, the plans and drills ensure that all responders know exactly what to do after the event occurs.

CIP activities are proactive, preemptive, and deterrent in nature and have two major objectives:

With the understanding that there is a difference between emergency preparedness and CIP, the CIPIC maintains that there is a meaningful place for CIP in all preparedness or emergency response plans and actions. It is appropriate and desirable that disaster plans and exercises consider what and where are the critical infrastructures and how they should be protected from degradation or destruction during a response to any disaster.

Federal Communications Commission Warning

The Federal Communications Commission (FCC) issued a warning on 21 February regarding the use of vendor antenna display devices. These instruments used to demonstrate the flashing light on the tip of accessory antennas for cellular telephones will cause interference to licensed radio services. The display units send radio signals through several accessory antennas to make them flash, but cause disruption to cellular frequency bands harmful to cellular communications and other services in near by frequency bands.

The FCC warned that these display units require approval from the FCC prior to marketing or use. There are currently no FCC approved Flashing Cellular Antenna Displays. Therefore, vendors operating such displays are advised to turn off their unapproved devices because of the illegal and dangerous interference to public safety radios and the communications infrastructure.

Simple Network Management Protocol Vulnerability

The National Infrastructure Protection Center (NIPC) is presently investigating the anticipated high threat of exploitation and denial of services resulting from vulnerabilities in the Simple Network Management Protocol (SNMP). SNMP is a software protocol that allows system administrators to monitor and configure elements that are attached to the network such as routers, switches, hubs, bridges, modems, printers, scanners, and copiers. Given this information, the CIPIC recommends that network or system administrators examine the CERT Coordination Center's advisory at the following URL: http://www.cert.org/advisories/CA-2002-03.html

Disclaimer of Endorsement

The U.S. Fire Administration/EMR-ISAC does not endorse the organizations sponsoring linked websites, and does not endorse the views they express or the products/services they offer.

Fair Use Notice

This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.

Reporting Notice

DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by email at NOC.Fusion@dhs.gov.

The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm

For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by email at NICC@dhs.gov.

When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.

RSS FeedWeekly INFOGRAM's are now available as an RSS Feed. More Information »