January 10, 2002
NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical information systems. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at usfacipc@fema.gov.
On 2 January, the National Threat Warning System published an update regarding the potential for future terrorist attacks in the United States. Based on the continuing high level of generalized threat information, the FBI will continue its terrorist threat advisory through 11 March 2002. They urge that law enforcers and all emergency first responders remain on elevated vigilance for suspicious or unusual activity.
The present threat of terrorism has brought new urgency to emergency planning by city and county officials across America, who realize they are on the front lines when an incident occurs. Yet, as Washington continues the debate regarding what must be done for homeland security, the "real homeland" still remains vulnerable to attacks from terrorists, nature, and HazMat accidents. Dangerous shortages of money, people, time, and materials have created these unsatisfactory conditions. And right now, there is very limited assistance available from the federal government.
Understanding that there will never be enough resources (i.e., dollars, personnel, time, and materials) to achieve total preparedness, local leaders must plan to protect only those infrastructures critically necessary to ensure the health and safety of citizens. To do this will necessitate making some tough decisions about what community assets really need protection by the application of scarce resources. There can be no room or tolerance for waste in the business of emergency preparedness.
Such is the philosophy of CIP from a municipal perspective: protect first those infrastructures absolutely required for citizen survivability and continuity of operations. For the community emergency services, CIP has a corresponding philosophy: protect first those infrastructures absolutely required for the survivability of emergency first responders and the success of their missions.
The CIPIC espouses that activities to protect assets essential for the accomplishment of missions affecting life and property are proactive, preemptive, and deterrent in nature, which is exactly what critical infrastructure protection is meant to be. If attacked, however, those people, things, and systems that are protected will more likely endure by remaining intact and operational. To acquire these favorable outcomes, the CIPIC urges leaders at all levels to include CIP as a major emergency planning component.
In the weeks following 11 September, the federal government conducted a comprehensive assessment of the preparedness of the fifty states to respond to future acts of terrorism. It was no surprise that the research revealed several deficiencies. As a means to best use the limited resources for homeland security, the assessment report recommended that states have an organizational process to look at critical infrastructures.
Recognizing the need for an organizational CIP process, the CIPIC improvised a process to serve as an analytical model or template to guide the systematic protection of critical infrastructures. More basically, it is a reliable decision sequence that assists leaders in ultimately determining exactly what really needs protection as well as when. As a time-efficient and resource-restrained practice, the process ensures the protection of only those infrastructures upon which survivability and mission success depend. The process consists of five steps: identifying critical infrastructures, determining the threat, analyzing vulnerabilities, assessing risk, and applying countermeasures.
To assist leaders and managers of emergency first responders, the CIPIC developed a CIP Process "Job Aid" as a user friendly guide for the implementation of the CIP process. Currently under review, the Job Aid was prepared as an easy reading document that could be quickly comprehended by all readers. Once approved and published, the Job Aid will be available at no cost from the USFA Publications Center. To examine a DRAFT copy of the Job Aid or learn more about the CIP process, please contact the CIPIC at (301) 447-1325, or at the following electronic address: usfacipc@dhs.gov.
The Justice Department recently announced it will let police chiefs at all levels apply for security clearances that enable them to access classified information during national emergencies. Attorney General John Ashcroft made the decision because many police chiefs had difficulty getting information after terrorists struck on 11 September.
The biggest challenge to get classified emergency information to the state, county, and municipal levels will not be security clearances. It will be the coordination of over 40,000 disparate databases at all levels of government. The immediate focus will have to be on the outstanding integration among telecommunication and cyber systems, as well as the cultural problems that occasionally obstruct effective communication.
As the issues of communications and security clearances are resolved, it will become necessary for local emergency planning committees (LEPCs) to rely on their police chief for planning and execution purposes. Without divulging classified information that they are sworn to protect, police chiefs must be obligated to wisely guide the emergency planning and preparations of other community leaders (e.g., fire and EMS chiefs), most particularly in regards to the protection of their critical infrastructures.
During this new calendar year, according to the National Infrastructure Protection Center (NIPC/FBI), computer attacks will be more frequent and sophisticated, often exploiting several vulnerabilities at once. It is anticipated that malicious code will propagate autonomously, at increasing rates that will threaten entire networks.
NIPC computer crime experts believe attackers will increasingly target computer network components like routers and non-traditional protocols in order to compromise systems and disrupt service. The experts also indicate that wireless technology will become the new arena for old attacks and new exploits.
Given this adverse forecast, the CIPC advises that departments again scrutinize their computer-aided dispatch (CAD) and computer networks to ensure that those responsible have installed the latest available cyber protection technology.
The U.S. Fire Administration/EMR-ISAC does not endorse the organizations sponsoring linked websites, and does not endorse the views they express or the products/services they offer.
This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.
DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by email at NOC.Fusion@dhs.gov.
The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm
For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by email at NICC@dhs.gov.
When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
Weekly INFOGRAM's are now available as an RSS Feed. More Information »
Last Reviewed: Historical Document
Happy New Year! Add this resolution to the top of your list: test all home smoke alarms each month - starting today! January 1, 2013 @ 10:04 AM ET
U.S. Fire Administration, 16825 S. Seton Ave., Emmitsburg, MD 21727 | USNG: 18SUJ00529652
(301) 447-1000 Fax: (301) 447-1346 Admissions Fax: (301) 447-1441
