InfoGram
January 24, 2002
NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical information systems. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at usfacipc@fema.gov.
Institutionalizing a CIP Strategy
Already staggering under the weight of higher security costs, the federal and state legislatures are now gathering for their first sessions of 2002 to consider a multitude of proposals and funding priorities for critical infrastructure protection. Given the current emphasis on public health and safety, aid to emergency first responders, and aviation security, it is inevitable that there will be a substantial increase in federal and state spending for state and local security efforts. Of course, this is welcome news for American cities on the front lines of the war on terrorism.
When money is eventually received, there will be some temptation to pursue "security at any price" and pay for protection projects without a coherent strategy. Without a strategic plan, infrastructure protection will still improve within a reasonable period of time, but probably not to the extent that it could or should. Therefore, the CIPIC recommends that state and local emergency planning committees (LEPCs) implement the CIP process to reliably determine what people, physical assets, and cyber systems really need protection and when. After fully recognizing the realistic interdependencies among the assets requiring protection, the LEPCs can devise and institutionalize a strategy that establishes outcomes. The strategy will additionally define success, schedule the completion of infrastructure protection projects, track how money is allocated and spent, and assess the degree to which implemented protection projects support the success of the strategy.
Although critical infrastructure protection and homeland security are presently riding a wave of support, it is probable that other issues will gradually and quietly begin to supersede them. This is why there must be a strategy that promotes targeted, essential, cost-efficient, and sustainable protection measures. The CIPIC urges that senior fire and emergency medical service leaders ensure their active membership in the committee (LEPC) which develops and executes the CIP strategy.
Water Infrastructure
According to WaterTechOnline, numerous cities and water facilities across America are involved in vulnerability assessments and security planning assisted by the U.S. Environmental Protection Agency (EPA) and Sandia National Laboratories. Federal researchers review emergency policies, inspect treatment plants and pumping stations, and summarize the extent that a community's water works are vulnerable to attacks by people, nature, and HazMat accidents.
Backflow was identified as one of the most common problems for water and wastewater facilities. EPA officials report that with relative ease, contaminants could be pumped into systems and cause damage if backflow preventers are not installed and operational. The sporadic delivery of treatment chemicals was also considered problematic.
As a result of these visits, some communities have already initiated plans to safeguard their water supplies and wastewater systems from potential terrorist acts. Where not already planned, and because of the requirement for a dependable supply of fire suppression water, the CIPIC advises department chiefs to petition their LEPCs to consider local water supplies (and wastewater systems) for their CIP strategy.
Proposed 9-1-1 Legislation
Before the U.S. Congress adjourned for its holiday break, Senator Tom Daschle (D-SD) introduced a bill that, if passed, would allow Public Safety Answering Points (PSAPs) to apply for federal grant money to build and improve their communications infrastructure. Section 103 of the bill states that its enactment is intended to "improve a communications infrastructure that will ensure a reliable and seamless communication between law enforcement, fire, and emergency medical service providers." The Office of Justice Programs of the Department of Justice will have the authority to make grants, in accordance with regulations prescribed by the Attorney General, for the purpose of establishing or improving 9-1-1 services. Priority in making grants will be given to communities that do not have 9-1-1 service. The total amount of a grant made under this legislation, if signed by the President, will not exceed $250,000.
Critical Information and the Internet
As worldwide usage of the Internet increases, so too do the vast resources available to anyone online. Scrutiny of the Internet reveals that details on critical infrastructures, emergency response plans, organizational operating procedures, and other data of use to criminal adversaries are easily retrievable by Internet users.
The National Infrastructure Protection Center (NIPC) has received reliable reports that infrastructure related information at numerous websites is being accessed from locations around the world. While the information itself may seem innocent and insignificant, it does highlight a potential vulnerability. Hence, the NIPC issued an advisory to heighten community awareness of this problem and to encourage Internet content providers to review the data they make available online.
On behalf of critical information protection, the CIPIC encourages common sense in deciding what to publish on the Internet. To assist in this matter, the CIPIC also suggests consideration of the answers to the following questions when evaluating Internet content from a security perspective. An affirmative answer to any of these questions should be cause enough to omit the information from websites and online accessibility.
- Does the information provide details concerning personnel safety and organization security?
- Is any of the data personal or private (e.g., biographical, addresses, etc.)?
- Can an adversary misuse the information to cause any harm?
- Could the information be dangerous if combined with other publicly available data?
- Could anyone use the information to target personnel or resources?