InfoGram
December 11, 2003
NOTE: This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical information systems. It has been prepared by NATEK Incorporated for the US Fire Administration. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at usfacipc@dhs.gov.
Holiday Season Infrastructure Protection
The holiday season is near and our attention will soon turn to matters of family, faith, and festivity. Nevertheless, terrorism has not and will not decrease during the next three weeks. Consequently, the Homeland Security Advisory System threat level will remain at YELLOW (Elevated), which means there is a significant risk of terrorist attacks. Unfortunately, there are legitimate concerns among infrastructure protection and security specialists that terrorist activities may actually increase as American citizens try to enjoy the holidays.
Because of this potential for the unlawful use of force and violence to intimidate or coerce the people and government of the United States, the CIPIC offers the following actions for the consideration of the leadership of the emergency management and response sector of the nation:
- Ensure contingency and emergency response plans are updated and coordinated with mutual aid partners, law enforcement, public utilities, and appropriate private sector agencies.
- Require staff to review contingency and response plans so as to guarantee their comprehension and ability to successfully apply the provisions of each plan.
- Meet with local police officials at least weekly to promote the sharing of any intelligence affecting preparedness planning and response operations.
- Arrange with law enforcers to restrict access to the immediate area of an incident, particularly an incident of a suspicious nature.
- Examine personnel, physical entities, and communication systems to identify operational status and any existing vulnerabilities.
- Initiate countermeasures for critical infrastructures that are threatened, vulnerable, and for which risk is unacceptable.
- Enforce access control procedures for all facilities containing command and control assets, apparatus, and essential equipment.
- Avoid predictability by varying operational routines such as response routes, command post locations, etc., as much as possible.
- Keep personnel informed to stop rumors and prevent unnecessary alarm.
- Remind personnel to maintain their personal and family emergency preparedness "Go Kits."
Cybersecurity Essential to CIP
Federal computer security experts recently announced that too many important computer systems throughout the country remain vulnerable to attack by malicious individuals or terrorists. They use as an example the MSBlast worm, which first appeared in August 2003 and infected more than a million computers. Capitalizing on a Microsoft operating system vulnerability, the worm infected computers that infected other computers, and on and on. In this way, the worm automatically spread from computer to computer and network to network. Its mere existence drained resources and caused so many computers, both primary and backup systems, to fail.
According to the 2003 Federal Computer Security Scorecard released this week, federal inspectors indicated that terrorists might have the capability to attack the command and control capabilities of emergency responders. They substantiated this claim by mentioning how the Slammer worm knocked out the 9-1-1 emergency telephone service at several locations in January 2003. These cyber specialists fear that any existing vulnerabilities in computer dispatching services could cause the disruption or prevention of life-saving responses.
To prevent the loss of computer and network capabilities, government officials recommend that first responder organizations perform the following five basic actions:
- Conduct a complete inventory of information technology assets.
- Determine the internal critical information infrastructure systems.
- Identify and eliminate cybersecurity weaknesses within the infrastructure systems.
- Implement tested incident reporting procedures in the event of an attack.
- Enforce tight access controls to infrastructure systems by contractors and visitors.
Quarantine: A CIP Tool?
A 9 December New York Times article indicated certain public health officials across the country believe that in the near future the United States will experience a highly communicable infectious disease event requiring mass quarantine. Many of these health authorities have been preparing for a contagion that will necessitate the order to quarantine, which is a public health measure virtually abandoned for most of the past century. All states and some cities have the authority to impose an emergency quarantine. However, "many people express alarm at talk of government-imposed quarantines, especially given the current political tensions over civil liberties."
Patrick Libbey, the executive director of the National Association of County and City Health Officials, recently said health officials in many jurisdictions have prepared for a serious infectious outbreak by identifying possible buildings for quarantined citizens. Some issues facing health authorities, he added, "concern legal processes for imposing quarantines, ways to house people and manage their needs, and the financing of such undertakings." Mr. Libbey continued that some municipalities revised their health code to ensure they can legally quarantine people "not just for known diseases but for suddenly emerging ones that present a major health threat."
The CIPIC has steadfastly maintained that personnel are foremost among the critical infrastructures of any organization. Therefore, the CIPIC opines that to protect department personnel and community leadership from contagions that will degrade or prevent their performance of duties, a municipality must be prepared to implement a quarantine despite its unpopularity. Many health specialists credit the use of quarantine with preventing an even worse epidemic of the severe acute respiratory syndrome (SARS) this year in places like Singapore, Hong Kong, Taiwan, and Canada. Hence, the quarantine must be considered a critical infrastructure protection (CIP) countermeasure to mitigate the threat of widespread communicable infections.
Fire and Explosion Planning Matrix
The ongoing perpetuation of terrorism underscores the importance of fire prevention and workplace emergency planning efforts. Fires or explosions created by arson or an explosive device can be the quickest way for a terrorist to affect a targeted critical infrastructure. The Occupational Safety & Health Administration (OSHA) developed a Fire and Explosion Planning Matrix to provide organizational leaders with planning considerations and on-line resources that may help reduce vulnerabilities to, or the consequences of, a terrorist's act of arson or explosive device.
Acts of arson or explosive devices are not workplace fire hazards or ignition sources that OSHA expects a leader to reasonably identify and attempt to control. However, an effective fire prevention plan that includes these fire hazards/ignition sources may increase personnel safety and security, and ensure that everyone knows how to respond to threats and incidents safely and effectively.
The Fire and Explosion Planning Matrix is not a tool for conducting a comprehensive compliance evaluation of a fire prevention plan developed to comply with the Fire Prevention Plan Standard (29 CFR 1910.39). Rather, this document covers the general aspects of fire prevention planning and includes broad questions to help organization leaders review their plan content as it would relate to a terrorist act involving arson or an explosive device. More information about this document can be obtained from the following OSHA URL/link: http://www.osha.gov/dep/fire-expmatrix/index.html.