InfoGram

December 18, 2003

NOTE:This InfoGram will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical information systems. It has been prepared by NATEK Incorporated for the US Fire Administration. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or email at email at usfacipc@dhs.gov.

Holiday Vigilance

As thoughts turn to family, friends, and celebrations between 20 December and 1 January, emergency management and response sector leaders should remember that the critical infrastructures (i.e., personnel, physical assets, and communication systems) upon which our loved ones and citizens depend must remain intact and operational without degradation by man-made or natural disasters. Hence, during these holidays, the CIPIC recommends continued planning and preparing for the application of resources to mitigate the adverse effects of any incident. It is appropriate that special emphasis be given to regional interagency cooperation to ensure essential support for all circumstances.

The CIPIC learned through public sources that terrorists have considered the possibility of attacking the American mass transit industry using a variety of methods including incendiary material, small munitions, and poison gas. Although there is no specific information currently available, the CIPIC offers following measures for consideration throughout this festive period:

• Encourage personnel to remain alert and immediately report any situation that appears to constitute a threat or suspicious activity.
• Provide particular attention to suspicious activity associated with commercial trucks, especially those transporting fuel and other hazardous materials.
• Rearrange exterior vehicle barriers, traffic cones, and roadblocks to adjust to increased holiday traffic patterns adjacent to critical infrastructures.
• Limit the number of access points and strictly enforce access control procedures.
• Conduct increased monitoring and routine sweeps of common areas to identify unattended vehicles and packages.
• Review and update applicable emergency response plans.

Homeland Security Presidential Directive - 7

On 17 December, President Bush signed landmark directives establishing new policies on critical infrastructure protection (CIP) and the nation's preparedness for terrorism. Homeland Security Presidential Directive - 7 (HSPD - 7) is the policy of the United States to enhance the protection of our nation's critical infrastructures and key resources against terrorist acts. As the cornerstone of the country's homeland security strategy, this directive requires federal agencies to coordinate with state and local government officials as well as the private sector to identify and eliminate critical infrastructure vulnerabilities across all sectors, including the emergency management and response (EMR) sector.

Contained within the roles and responsibilities of HSPD - 7 are three actions directly affecting the EMR sector: conduct or facilitate critical infrastructure vulnerability assessments; encourage risk management strategies to protect against and mitigate the effects of attacks against critical infrastructures and key resources; and promote the development of information sharing and analysis (ISAC) mechanisms.

Through the use of this weekly document (InfoGram), the CIP Process Job Aid (http://www.usfa.fema.gov/fire-service/cipc/cipc-jobaid.shtm), and in the performance of its daily duties, the U.S. Fire Administration's Critical Infrastructure Protection Information Center (CIPIC) will continue to foster and pursue the responsibilities now contained in the new HSPD - 7. For example, the CIPIC is also the Information Sharing and Analysis Center (ISAC) for the EMR sector of the United States. As such, the CIPIC/ISAC requests information about incidents or suspicious activities involving the critical infrastructures and key resources of the sector. When sharing provided information for further analysis and follow-up, the CIPIC pledges that all sensitive, harmful, or embarrassing content will be deleted.

Because the entire EMR sector will potentially benefit from this information sharing, the CIPIC thanks you in advance for the cooperation of your department, agency, or office. Please contact the CIPIC at 301-447-1325 or usfacipc@dhs.gov if you have any questions about CIP information sharing and analysis.

Voice Over Internet Protocol

Voice over Internet protocol (VOIP) routes telephone calls over the Internet rather than telephone (wireline) networks. Internet protocol was designed originally for moving packets of data, but is being used increasingly for other media such as voice and video. This development has become a problem and vulnerability for the nation's emergency telephone (9-1-1) system, because VOIP and 9-1-1 communications are not integrated.

Association of Public Safety Communications (APCO) officials recently announced their concern that the rapid deployment of VOIP service will have a serious and negative impact on the efficacy of 9-1-1 emergency communications, which is a critical infrastructure of the nationwide emergency management and response sector. "VOIP often does not give emergency service operators full information about where the call is coming from," an APCO spokesperson said, "and there is a very real likelihood that a 9-1-1 call from a VOIP telephone will be lost, delayed, or misrouted."

The Federal Communications Commission (FCC) requires 9-1-1 calls from wireline and cellular phones to provide the emergency operator with the number of the phone and its location. This Enhanced 9-1-1 service is available for wireline phones and is being implemented for cellular service. However, there is no similar requirement for VOIP. A telephone number associated with the VOIP call is often in a format the emergency communications system does not recognize, and is frequently not associated with a location in the 9-1-1 system database. Therefore, APCO has urged the FCC to require that VOIP providers make their services fully compatible with 9-1-1 services.

APCO said a number of VOIP providers are voluntarily working toward a solution. Nevertheless, the organization maintains, "enforceable regulation is necessary to ensure that solutions are sufficient to satisfy the public interest."

Christmas Email Warning

Cybersecurity experts warned that hackers are preparing Christmas card emails leading to innocent images, but in fact "trick users with Windows systems into downloading viruses." A senior consultant said, "Microsoft's Internet Explorer (IE) web browser automatically opening files labeled with .jpg or .gif extensions causes the problem."

To eliminate this vulnerability and avoid difficulties in electronic communications, emergency management and response sector members should check their mail filtering systems to ensure emailed images are handled in the same way as other HTML traffic.

Future InfoGrams

This issue of the InfoGram will be the last for 2003. The InfoGram, published 49 of 52 weeks each year, will not be circulated on 25 December and 1 January. Therefore, the next weekly document will be issued on 8 January 2004.

Everyone at the U.S. Fire Administration and the CIPIC/ISAC wish all emergency management and response (fire and EMS) personnel very happy and peaceful holidays. We extend our thoughts and prayers that your New Year will be filled with much safety and success while training and responding to each and every incident.