InfoGram

August 7, 2003

NOTE: This InfoGram will be distributed weekly to provide members of the emergency management and response sector with information concerning the protection of their critical infrastructures. It has been prepared by NATEK Incorporated for the Emergency Preparedness and Response Directorate. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.

Sensitive Information Security Promotes CIP

One of the required tasks of the U.S. Fire Administration (USFA) Critical Infrastructure Protection Information Center (CIPIC) is to research issues and incidents about critical infrastructure vulnerabilities, and the impact of these vulnerabilities on the fire and emergency medical services. This week the CIPIC again "surfed the web" only to learn that there is still some sensitive information available on the websites of a few municipalities and their fire/EMS departments.

Generally, sensitive information consists of data pertaining to the personnel, equipment, structure, operations, plans, and training of an organization. Information of this type is particularly sensitive or critical because it can be collected and used by adversaries to degrade or prevent survivability, continuity of operations, and mission success-in other words, the people, things, and systems that comprise the critical infrastructures of a community.

For example, the CIPIC observed the following sensitive information on several websites:

• Photos of the elected and appointed leaders of the municipality.
• Telephone directories with the home phone numbers of community leaders.
• Names and phone numbers of all officers at each fire/EMS station.
• Numbers and types of apparatus and equipment at each fire/EMS station.

It is understood that the elected leaders and department chiefs of numerous cities post sensitive data on their websites because of the value it has for citizens. However, the CIPIC opines that they must realize and accept the risk involved in doing so. Information security experts insist that this type of information available in the public domain is a vulnerability that can be exploited by domestic and international terrorists to weaken or negate measures to protect critical infrastructures, and also to harm the citizens that the information was intended to benefit.

Tunnels: A Local Critical Infrastructure

The USFA CIP Process Job Aid (http://www.usfa.fema.gov/fire-service/cipc/cipc-jobaid.shtm) includes tunnels among the critical infrastructures of first responders, despite the fact that emergency personnel have little or no control over tunnels. The CIPIC considers wheeled-vehicle traffic tunnels critical infrastructures because they are essential to expedite the safe movement of emergency responders en route to an incident. Fortunately, there are no current advisories from the Federal Highway Administration regarding large numbers of deficient vehicle tunnels throughout the United States.

If applicable, however, it is appropriate and timely for fire/EMS departments to acquire an awareness of the status of each subway station and railway tunnel within their jurisdiction. A visit to each location could, for example, focus on the availability of current emergency evacuation procedures, employee emergency training, sufficient lighting, clearly visible markings, operational fans, etc.

In order to ensure the best possible response and rescue of people attempting to evacuate subways, chief officers may find it necessary to officially advocate the preparation and rehearsal of evacuation plans for subway employees and their riders; the repair or installation of satisfactory lighting, markings, and fans; and the removal of obstacles from entrances and exits.

Hospital Preparedness

In the Public Health Improvement Act passed in 2000, Congress directed the U.S. General Accounting Office (GAO) to examine hospital preparedness for a bioterrorist attack, given the concern that hospitals may not have the capacity to accept and treat a sudden, large increase in the number of patients.

GAO just released their report to Congress on hospital preparedness dated August 2003, which may have some content germane to the plans and operations of the emergency medical service. The document can be seen at the following URL: http://www.gao.gov/new.items/d03924.pdf.

GAO found fewer than half of hospitals have conducted drills or exercises simulating response to a bioterrorist incident. Hospitals also reported that they lacked the medical equipment, stockpiles, and quarantine and isolation facilities for even a small influx of patients. Many larger hospitals reported more planning and training activities than smaller hospitals.

Representatives from the American Hospital Association (AHA) provided oral comments on a draft of this report, which GAO incorporated as appropriate. AHA generally agreed with the findings.

On a related matter, the August issue of Annals of Emergency Medicine reported on a study asserting that hospital emergency departments are "unraveling," because they are "crowded to the point where physicians are using hallways, offices, storerooms, conference rooms, and shower stalls for patient care." The article raises serious questions about the abilities of emergency departments to quickly respond to mass-casualty events.

The ELF Threat

Officials suspect that radical environmentalists, the Earth Liberation Front (ELF), set a fire on 1 August that swept through an unoccupied apartment complex under construction in the vicinity of University City, California. The estimated dollar amount of the damage has been temporarily set at $20 million. A banner reading, "If you build it, we will burn it," with the initials "ELF" was found next to the burning 206-unit building. Later that day, email was received by the San Diego Union-Tribune stating that the banner "is a legitimate claim of responsibility by the ELF."

The ELF has been active since the early 1990s, and has engaged in many tactics to stop urban sprawl. The most commonly used method of attack is arson. They have publicly claimed responsibility for four fires in the past year alone. ELF describes itself as "an international underground movement consisting of autonomous groups of people who carry out direct action according to the ELF guidelines."

Emergency first responders, particularly those of the fire service, should become familiar with this domestic terrorist organization in order to recognize their activity. For example, ELF is known to conduct extensive surveillance of a target prior to an attack. Just as al-Qaeda seeks out its targets, and carefully plans an operation, so do domestic groups like the ELF. Studying how and where this adversary operates will potentially enable firefighters to conduct some hazard mitigation and ensure the protection of critical infrastructures.