April 6, 2006 InfoGram
This InfoGram will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.
Social Engineering and Phishing Attacks
In ongoing analyses of the threats to the Emergency Services Sector's (ESS) cyber assets, the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) has noted increasing coverage of social engineering attacks.
Social engineering attacks, including "phishing," occur when someone uses human interaction to obtain or compromise information about an organization or its computer systems. An attacker could be someone claiming to be a new employee or repair person who asks questions and pieces together enough information to infiltrate an emergency organization's system. Phishing attacks use email or malicious websites (including vendors an ESS organization might use) to solicit information. For example, an email message might refer to a previous equipment order, prompting the ESS member to disclose otherwise confidential information. Phishing attacks often succeed because the emails and websites appear to be authentic. A recent Harvard/UC Berkeley research study found that, "The best phishing site was able to fool more than 90 percent of participants."
Among the government websites that offer resources to help protect the cyber assets of the ESS, the Federal Trade Commission's OnGuard Online includes an overview of phishing and tips on avoiding attacks, including checking the address bar, status bar and security indicators on phishing sites. After reviewing the information, readers can test their knowledge of phishing email scams by clicking on "Avoid the Bait." OnGuard Online is also the website where non-federal computer users can report phishing attacks (http://onguardonline.gov/phishing.html).
Another resource, the U.S. Computer Emergency Readiness Team (US-CERT) at http://www.us-cert.gov, publishes an electronic cyber security bulletin that compiles vulnerabilities, threats, exploits, trends, malicious code, and relevant news articles from across the nation. The EMR-ISAC suggests that US-CERT's many resources, including free email alerts and links to additional cyber protection websites, could help Emergency Services Sector leaders to ensure the outstanding security of their information systems.
Interdependent Regional Response Partnership
A public-private partnership is preparing for one of the most-feared natural disasters in the Pacific Northwest: an enormous earthquake that would affect an 800-mile zone from Vancouver, Canada, to San Francisco.
The Pacific Northwest Economic Region (PNWER), formed in 1991, is the "only statutory, nonpartisan, nonprofit, bi-national, public-private partnership in North America," according to its website: http://www.pnwer.org. Its goal is to create, and share with other regions, a coordinated and interdependent disaster response plan that can serve as a model for regional disaster response for any type of large-scale incident.
PNWER, with funding from the Department of Homeland Security, recently held an infrastructure interdependencies workshop that examined breaking down barriers between stakeholders to prioritize and coordinate response, recovery, and rebuilding efforts across critical infrastructure systems. Speakers concentrated discussions on gaining knowledge of gaps in disaster preparedness planning and management, and determining what is necessary for a region to become more disaster-resilient.
Among the 328 workshop participants were representatives of the Emergency Services Sector (ESS), transportation, public health, utilities, and telecommunications firms. The Infrastructure Security Partnership's (TISP) Regional Disaster Resilience Action Guide, described in the 30 March InfoGram, was used as a guide for the PNWER workshop.
Given the role of the ESS in disasters, the focus on resiliency, and the interdependency of critical infrastructure systems, the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) suggests that responder organizations consider periodically reviewing PNWER's workshop findings and project materials at the partnership's website.
ESS Safety at Propane Incidents
Propane, a flammable substance and one of several constituent gases that make up Liquefied Petroleum Gas (LPG), is the LP-Gas most frequently encountered by the Emergency Services Sector (ESS) responding to industrial, commercial, and consumer incidents. The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) notes that the Propane Emergencies Program offers training materials with life-saving information for the response sector similar to the pipeline emergencies program described in the 17 February InfoGram.
The propane program was created specifically for the emergency services to protect their personnel at propane incidents at fixed facilities or in transportation. Among the training materials available online are 20 complete propane incident scenarios. Each full scenario includes critical responder personal protection information. An "instructor's workshop" component features an eLibrary, general training tips and adult-specific training tips, changes and corrections to the program, and methods for presenting it in 4-, 8-, and 24-hour formats. Additional program materials have a nominal charge.
Intended to be useful for fire and hazmat responders as well as EMS, rescue squad, emergency management, and law enforcement ESS members, the training materials can be accessed at http://www.propanesafety.com, the website of the Propane Education and Research Council.