This InfoGram will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.
The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) accepts that it is impossible to deter all attacks on people, physical assets, and communication/cyber systems. Despite the best preventive measures by communities and their first responders, a man-made or natural disaster will eventually occur and destroy critical infrastructures upon which citizens depend for health, safety, and security. The EMR-ISAC further asserts that a single jurisdiction alone cannot completely prevent this devastation from happening.
In the event of a major terrorist attack or massive natural disaster, the outlying communities surrounding the affected area will have to deal with large numbers of survivors attempting to escape from harm. These outlying municipalities and their emergency personnel will experience inevitable strain and added expenses to accommodate evacuees for whom they were unprepared to receive. Therefore, including outlying communities in security planning would be a prudent thing to do, which the EMR-ISAC strongly recommends.
The ability of different departments, agencies, businesses, and services in a geographic region to work together before, during, and after a catastrophic incident provides significantly increased opportunities to protect against or mitigate the threat from all hazards. When creating a security plan, the EMR-ISAC suggests emergency managers and the chief officers of the emergency services should ensure their counterparts as well as local business owners from outlying communities are represented at the "regional planning table." The entire region will benefit from this approach to critical infrastructure protection.
To avoid disruptions in service and the possible degradation to Emergency Services Sector (ESS) cyber and communication resources, the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) offers information about the upcoming change to Daylight-Saving Time (DST).
DST will start at 2:00 a.m. on 11 March this year, three weeks earlier than usual, as authorized by the U.S. Energy Policy Act of 2005. However, service issues could arise for any system or device with a computer-clock dependent process that is not set to synchronize with the DST change. According to the Information Technology-Information Sharing and Analysis Center (IT-ISAC), "Complications on affected systems could range from missed appointments due to un-updated calendars, to failures of systems that depend on correct time stamps to store, monitor, or help operate critical infrastructures." A partial list of time-stamped data services that could potentially be affected includes databases, mail servers and Network Protocol (NTP) servers, firewalls, switches, backup and storage systems, cell phones and PDA devices, voice mail and interactive voice response (IVR) systems, PBX systems, and printers, copiers, and facsimile (fax) machines. Equipment used for such purposes as training, e.g., VCRs and DVRs, and digital radios also could be affected.
To mitigate the effects of the DST 2007 changes, the IT-ISAC encourages emergency response organizations to perform thorough assessments of all automated processes, including an assessment of the organization's utility system, in addition to its computers and servers. Starting now to contact appropriate personnel provides comfortable runway distance to conduct an assessment, test critical systems, and apply available patches. Additional recommendations include ensuring that computer technology personnel are available for assistance on 11 and 12 March, and advising personnel to be especially attentive to meetings and appointments scheduled during the initially extended DST period (11 March through 1 April 2007).
The EMR-ISAC suggests that ESS organizations contact their Operating System (OS) vendor(s) to request patch requirements and their availability. Microsoft (MS), for instance, is warning customers that the DST switch is not accounted for in a number of its products, and is offering a complete list of affected MS software and patch/updating guidance.
Personal Alert Safety Systems (PASS) devices that sound an alert when members of the Emergency Services Sector (ESS) are lost, injured, or incapacitated at incidents, are critical to protect personnel, the foremost ESS critical infrastructure. Information based on investigations into firefighter deaths that occurred when PASS alarm signals were not heard or were barely audible was a factor in the National Fire Protection Association's (NFPA) decision to revise its Standard on Personal Alert Safety Systems (NFPA 1982).
After being notified of PASS device alarm signal failures by the National Institute for Occupational Safety and Health's (NIOSH) Fire Fighter Fatality Investigation and Prevention Program, the NFPA published a notice in 2005 alerting responders that the PASS alarm signals could fail at high temperatures. Laboratory tests conducted by the National Institute for Standards and Technology showed that PASS alarm signal sound reductions began to occur at temperatures as low as 300�F and affected all PASS devices certified as compliant to the 1998 Edition of NFPA 1982.
NFPA's 2007 Edition of Standard 1982 contains revisions that provide for strengthened performance requirements and tests that address the alarm signal degradation issue as well as problems caused by vibration and by water entering the electronic and power supply compartments of the devices. However, until PASS devices designed and certified to the 2007 Edition are available, emergency organizations are cautioned that hostile conditions at incident scenes could possibly adversely affect the devices' operation. The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) agrees that ESS leaders and incident commanders should apply all personnel accountability measures to assure safe entrance and exit of personnel from hazardous areas, and strongly discourage freelancing at incident scenes.
PASS malfunctions and other operating problems should be reported to the Safety Equipment Institute at info@seinet.org, and to NIOSH's National Personal Protection Technical Laboratory at info@seinet.org.
The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) frequently disseminates Critical Infrastructure Protection (CIP) "For Official Use Only" (FOUO) Notices to the validated leaders of the Emergency Services Sector (ESS). These notices usually originate from the Department of Homeland Security (DHS) and normally contain information regarding the threats to, vulnerabilities of, and security best practices for the nation's critical infrastructures, including ESS departments and agencies.
CIP (FOUO) Notices are exclusively for vetted ESS leaders, owners, and operators. The information should not be released either in oral or written form to the media, the general public or other personnel who do not have a valid "need-to-know" without prior approval from the EMR-ISAC.
Individuals in leadership positions within ESS organizations who are not receiving CIP (FOUO) Notices should contact the EMR-ISAC as soon as possible at emr-isac@fema.dhs.gov or at 301-447-1325. However, those personnel who are receiving these notices, but are having difficulty rapidly opening the documents should download and install the free Adobe Reader 8 software (the latest version for your Operating System) using the following link: http://www.adobe.com/products/acrobat/readstep2.html.
The U.S. Fire Administration/EMR-ISAC does not endorse the organizations sponsoring linked websites, and does not endorse the views they express or the products/services they offer.
This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.
DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by email at NOC.Fusion@dhs.gov.
The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm
For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by email at NICC@dhs.gov.
When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
Weekly INFOGRAM's are now available as an RSS Feed. More Information »
Last Reviewed: Historical Document
Happy New Year! Add this resolution to the top of your list: test all home smoke alarms each month - starting today! January 1, 2013 @ 10:04 AM ET
U.S. Fire Administration, 16825 S. Seton Ave., Emmitsburg, MD 21727 | USNG: 18SUJ00529652
(301) 447-1000 Fax: (301) 447-1346 Admissions Fax: (301) 447-1441
