Volume 23 — Issue 45 | November 9, 2023
To protect against the toxic and sometimes carcinogenic contaminants of the modern fireground, structural firefighters need personal protective equipment (PPE) that can provide contamination control in addition to meeting all basic safety and performance requirements. Firefighter PPE should not become a source of contamination; it should be made of safe, durable materials and should be easy to decontaminate.
On Oct. 3, the National Fire Protection Association (NFPA) released its second draft of NFPA 1970, a new standard for the fire service that addresses these needs with new performance requirements for firefighter PPE.
NFPA 1970 is a consolidation of existing standards for clothing (NFPA 1971), work uniforms (NFPA 1975), self-contained breathing apparatus (SCBA) (NFPA 1981) and personal alert safety system (PASS) devices (NFPA 1982) into one document. These standards were combined in alignment with the NFPA’s consolidation plan for all standards for emergency response. With this consolidation, the whole firefighting ensemble can now be addressed in a single standard.
Although NFPA 1970 will not be finalized until 2024, most of the changes likely to be incorporated are now well documented in the NFPA’s second draft.
Some of the most significant changes are focused on increasing contamination resistance and cleanability of gear. The new standard proposes to make particulate-blocking hoods required rather than optional. Changes also aim to address restricted substances such as PFAS in a meaningful way with improved testing methods. NFPA 1970 includes a section outlining a range of new test methods for evaluating the whole ensemble for thermal protection, heat stress impact and protection from particulates and gases.
The NFPA’s Second Draft Report on NFPA 1970 can be accessed at no cost by creating a free account on NFPA’s website. The Second Draft Report consists of the entire second draft of the standard along with all public comments, technical committee actions and responses, and second revisions.
A final comment period on NFPA 1970 is now open. Anyone can review the technical committees’ changes and submit comments using the NFPA’s Notice of Intent to Make a Motion (NITMAM) process until Dec. 4, 2023.
To learn more, see the Oct. 25 article from FireRescue1, which provides a detailed discussion of these changes and their implications. Additionally, FireRescue1 will host a webinar on Wednesday, Nov. 15, from 3-4 p.m. EST (2-3 p.m. CST), “How changes in the new NFPA standards for turnout gear and SCBA will affect the fire service.” The webinar will be an opportunity to hear directly from NFPA technical committee members who will discuss the specific changes, how these changes will affect the purchase of new gear and SCBA, and other significant impacts.
(Sources: NFPA, FireRescue1)
The Emergency Services Sector (ESS) represents the nation’s first line of defense in the prevention and mitigation of risk from both intentional and unintentional manmade incidents, as well as from natural disasters. The ESS was critically involved in the response to the COVID-19 pandemic, with each sector discipline contributing essential services.
In 2022, the Cybersecurity and Infrastructure Security Agency’s (CISA’s) Emergency Services Sector Management Team (ES SMT) established a working group of ESS government and private sector partners to examine the sector’s response to the pandemic and develop lessons learned from its experiences.
CISA’s ES SMT has just released its Emergency Services Sector COVID-19 After Action Review. This 35-page report is a product of the working group discussions. It outlines major challenges during the response, challenges that continue to persist today, and lessons learned for each of the following topics:
- General COVID-19 Response.
- Logistics and Supply Chain.
- Staffing and Capacity Needs.
- Mental and Physical Health Impacts.
- Communication, Collaboration, and Coordination.
- Crosscutting Effects.
- Preparedness and Guidance.
The report also provides a references section with links to key resources assembled by CISA’s ES SMT.
For more information, email the Emergency Services Sector Management Team at EmergencyServicesSector@cisa.dhs.gov or visit CISA.gov/Emergency-Services-Sector.
(Source: CISA)
On Nov. 7, the Federal Emergency Management Agency (FEMA) and CISA released the joint guide Planning Considerations for Cyber Incidents: Guidance for Emergency Managers.
Emergency managers should be able to understand and prepare for the potential impacts of cyber incidents on their communities and emergency operations. This guide is intended to provide state, local, tribal, and territorial (SLTT) emergency managers with foundational knowledge of cyber incidents. The guide supports the development of a cyber incident response plan or annex.
FEMA, in cooperation with CISA, will host several 60-minute webinars in November to provide an overview of the guide and supporting materials.
To learn more, access the document and supporting materials, and register for one of the upcoming webinars, visit FEMA’s “Planning Considerations for Cyber Incidents: Guidance for Emergency Managers” event page. For continued updates on efforts related to the guide, please visit FEMA’s “Planning Guides” page.
(Sources: CISA, FEMA)
The American College of Medical Toxicology (ACMT) and the Center for Forensic Science Research and Education (CFSRE) will host a virtual, two-day seminar in forensic toxicology, Expanding Worlds of Cannabinoids and Polydrug Exposures, on Dec. 14-15, 2023.
The seminar will feature some of the top professionals in forensic science and medicine, harm reduction, and the legal and law enforcement fields from across the U.S., Canada, and Europe. Expert faculty will review cannabis and alternative cannabinoid impairment and will assess new research on medical legal death investigations involving polydrug exposures including fentanyl, xylazine, benzodiazepines, and more.
After completing these two seminars, participants should be able to:
- Recognize the historical and legislative drivers of cannabis legalization and cannabinoids.
- Evaluate laboratory testing challenges and pharmacological mechanisms of cannabinoids.
- Describe the complexities and challenges of forensic and medical toxicology in cases involving polydrug exposures.
Law enforcement officers may benefit from this information, especially those involved in traffic safety such as sheriff’s offices, highway patrol, highway safety, and state troopers. Emergency medical services providers may be interested in some of the medical information provided at this event on the pharmacology of cannabinoids and the medical toxicology of polydrug exposures.
Participants can register for one or both days of this event. Participants have the option of attending the live, virtual event, or watching the recordings on demand after the event.
To access the agenda, speaker information, and to register, visit ACMT’s website.
(Source: ACMT)
White House Fact Sheet: Biden-Harris Administration Convenes Third Global Gathering to Counter Ransomware
This week, the White House convened the International Counter Ransomware Initiative (CRI) for its third meeting in Washington, D.C., bringing together 50 members, including 48 countries and representatives from the European Union and INTERPOL, to discuss new operational projects and develop concrete policy commitments.
This year’s convening of the CRI focused on launching capabilities to disrupt attackers and the infrastructure they use to conduct their attacks, improving cybersecurity through sharing information, and fighting back against ransomware actors.
See the White House’s Fact Sheet for the full list of initiatives and commitments the CRI will pursue in the coming year.
(Source: White House)
CISA sees increase in zero-day exploitation, official says
The associate director for capacity building within CISA’s cybersecurity division said that in the past month or so, the agency has seen “a really high increase in zero-day activity, exploits that we’re seeing across the globe, really affecting the federal government networks throughout the federal government.”
U.S. government officials recently have described a tendency toward growing sophistication in the state-backed hacking campaigns, one hallmark of which is the use of the previously unknown vulnerabilities known as zero days.
CISA’s associate director also noted that in fiscal year 2023, CISA saw “among the first instances of ransomware within the federal government” as well as “an uptick in DDoS activity” that is “actually disrupting a lot of federal activity.”
(Source: Cyberscoop)
HC3 Analyst Note: BlackSuit Ransomware
A relatively new ransomware group and strain known as BlackSuit, with significant similarities to the Royal ransomware family, will likely be a credible threat to the Healthcare and Public Health (HPH) sector. Discovered in early May 2023, BlackSuit’s striking parallels with Royal, the direct successor of the former notorious Russian-linked Conti operation, potentially place the group with one of the most active ransomware groups in operation today. Both Royal and the now defunct Conti are known to have aggressively targeted the HPH sector, and if their purported ties to BlackSuit prove to be verified, then the sector will likely continue to be attacked profoundly.
See the full Analyst Note from the Department of Health and Human Services (HHS), Health Sector Cybersecurity Coordination Center (HC3) for an overview of the potential new group, possible connections to other threat actors, an analysis of its ransomware attacks, its target industries and victim countries, impact to the HPH sector, MITRE ATT&CK techniques, indicators of compromise, and recommended defense and mitigations against the group.
(Source: HHS HC3)
Okta hack blamed on employee using personal Google account on company laptop
Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop, exposing credentials that led to the theft of data from multiple Okta customers.
“We can confirm that from September 28, 2023 to October 17, 2023, a threat actor gained unauthorized access to files inside Okta’s customer support system associated with 134 Okta customers, or less than 1% of Okta customers. Some of these files were HAR files that contained session tokens which could in turn be used for session hijacking attacks,” Okta’s security chief said in a note that contains a detailed timeline of the incident.
The Okta chief security officer said his team’s initial investigations focused on access to support cases and later made a major breakthrough after BeyondTrust shared a suspicious IP address attributed to the threat actor.
(Source: Security Week)
Data claimed to be from Dallas County cyberattack posted online, officials say
Data allegedly from the recent cyberattack on Dallas County systems has been posted online, county officials confirmed on Tuesday, Nov. 7.
A Dallas County judge said county officials were "thoroughly reviewing the data in question to determine its authenticity and potential impact."
The ransomware cybercrime organization known as “Play” claimed responsibility and had threatened to reveal private county documents on Nov. 3. Dallas County shared in an update last week that, due to containment measures, the data exfiltration from the county's environment was interrupted, preventing any encryption of its files or systems. County officials said the incident appeared to have been effectively contained, partly due to implemented security measures – including extensive deployment of an endpoint detection and response tool, forcing password changes for all of the systems' users, requiring multi-factor authentication and blocking ingress and egress traffic from IP addresses found to be malicious.
Play is the same group that took credit for a ransomware attack on the city of Oakland, Calif., earlier this year. That attack was so severe it triggered a local state of emergency after personal financial information was leaked online.
(Source: ABC News Dallas)
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures.
Fair Use Notice: This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Linking Policy and Disclaimer of Endorsement: The appearance of external hyperlinks does not constitute endorsement of the linked websites, or the information, products or services contained therein. We provide these links and pointers solely for your information and convenience. When you select a link to an outside website, remember that you are subject to the privacy and security policies of the owners/sponsors of the outside website. To view information and resources on the policies that govern FEMA web content visit FEMA Website Information.
Section 504 Notice: Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.