|
Volume 21 — Issue 26 | July 1, 2021 |
|
As new data continues to emerge on the COVID-19 pandemic, clinicians and scientists have become increasingly alarmed with a syndrome that has been informally termed “long COVID” – continued symptoms of COVID-19 that last 3 weeks or more after the diagnosis. Long COVID patients have a broad range of overlapping and often debilitating symptoms, such as muscle pain or chest pain, difficulty breathing or shortness of breath, and severe fatigue. The physical symptoms of long COVID seem to be independent of the severity of the initial infection symptoms, according to preliminary research on this emerging pattern of illness.
In June 2021, the Centers for Disease Control and Prevention (CDC) released Evaluating and Caring for Patients with Post-COVID Conditions: Interim Guidance. The CDC defines “post-COVID conditions” as “an umbrella term for the wide range of physical and mental health consequences experienced by some patients that are present four or more weeks after SARS-CoV-2 infection, including by patients who had initial mild or asymptomatic acute infection.”
In addition to offering the most updated recommendations for health care providers, the CDC’s new guidance provides resources for patients suffering with these conditions, including information on very recently established support and advocacy groups for long COVID patients.
An April 2021 article in FireRescue1 stresses that, for those who have recovered from or are recovering from COVID-19, it is important to watch for potential long-term symptoms and to allow adequate time for the body to recover. The fire service will need to be attentive to the ability of firefighters to respond to full operational capacity following a prolonged recovery period.
Knowledge of post-COVID conditions is likely to change rapidly with ongoing research. The CDC recommends that both healthcare professionals and patients continue to check CDC’s website for updates on evolving guidance for post-COVID conditions.
(Sources: CDC, FireRescue1)
The recent tragic building collapse of the Surfside condo tower in Miami-Dade County, Florida resulted in deployment of several urban search and rescue teams around the country to help with rescue and recovery efforts. These elite resources are highly technically skilled and technologically equipped, and their capabilities are mission-critical during a major disaster such as the Surfside condo structural collapse.
The Federal Emergency Management Agency’s (FEMA’s) National Integration Center is seeking public feedback on two Urban Search and Rescue (US&R) Job Title/Position Qualifications. These resource typing documents enhance the interoperability and effectiveness of mutual aid by establishing baseline qualifications for Urban Search & Rescue Logistics and Medical Specialists. This facilitates the sharing of deployable US&R resources at all jurisdictional levels.
National engagement provides an opportunity for interested parties to comment on the draft documents to ensure they are relevant to all implementing partners. If you have experience with urban search and rescue, you can help by giving FEMA your feedback on these two resource-typed positions.
This 30-day national engagement period will conclude at 5:00 p.m. EST on July 29, 2021. To provide feedback, review the draft documents, complete the feedback form [Excel file download, 16 KB] with your comments, and submit the form to FEMA-NIMS@fema.dhs.gov no later than 5:00 p.m. EST on July 29, 2021.
(Source: FEMA)
|
|
For public safety personnel to effectively respond to incidents and events, there must be reliable, secure, operable, and interoperable communications systems in place. However, the rapid rate of technology evolution means public safety agencies must also plan for the ongoing integration and alignment of technologies such as Land Mobile Radio (LMR), Next Generation 911 (NG911), FirstNet Authority’s Nationwide Public Safety Broadband Network, as well as alerts, warnings, and notifications systems.
In their efforts to ensure emergency communication systems are in a secure and interoperable state, the public safety community will likely continue to face funding challenges.
Public safety agencies need to be able to balance integration and alignment of communications technologies with other competing priorities and funding needs. They also need to be able to prepare clear and concise budget options that identify multiple revenue streams, especially given fluctuating funding levels.
To address these needs, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with SAFECOM and the National Council of Statewide Interoperability Coordinators (NCSWIC), recently released an updated Funding Mechanisms Guide for Public Safety Communications to assist public safety agencies in identifying funding sources for emergency communications projects. This update builds on the 2015 version of the Guide. It highlights strengths, challenges, and opportunities for public safety communications funding, and incorporates examples of real-world successes and challenges from states and localities.
The Funding Mechanisms Guide assists agencies in determining whether a particular strategy for obtaining funding is suitable for their community. To assist in identifying appropriate solutions, this document summarizes the Emergency Communications System Lifecycle Planning Guide Compendium’s pre-planning steps. These steps help agencies look past initial capital investments to consider acquisitions, repairs, and upgrades as necessary costs, and plan for the entire system lifecycle. Along with this guidance, the document includes an extensive inventory of all different types of funding mechanisms, and a list of resources for additional considerations, guidance, and best practices.
The Funding Mechanisms Guide, along with many of the resources referenced within the Guide, are available within CISA’s Sustaining Public Safety Communications Systems Documents collection.
CISA encourages public safety agency leaders to visit SAFECOM’s Funding Resources page, where you can find guidance on grant funding for emergency communications projects, as well as brief descriptions of all of the resources provided in CISA’s Sustaining Public Safety Communications Systems Documents collection.
(Source: CISA)
The January 6 incident at the United States Capitol presented a unique set of circumstances for the District of Columbia (DC) Fire and EMS Department: a planned protest turned into a riot. There are important lessons to be learned about unified command; working with multiple agencies; having adequate resources; and making decisions in a changing tactical environment.
The International Association of Fire Chiefs (IAFC) will host a webinar on Tuesday, July 20, 2021, from 1:00 to 2:00 p.m. EST to discuss the emergency response at the January 6 Incident at the U.S. Capitol. At this webinar, the Chief and Deputy Chief from the DC Fire and EMS Department will discuss the issues that arose on January 6 and lessons that can be learned for fire and EMS agencies.
This webinar is free to join and open to anyone, but registration is required.
(Source: IAFC)
|
|
CISA’s CSET Tool sets sights on ransomware threat
The Cybersecurity and Infrastructure Security Agency (CISA) has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks. CSET—applicable to both information technology (IT) and industrial control system (ICS) networks—enables users to perform a comprehensive evaluation of their cybersecurity posture using many recognized government and industry standards and recommendations.
CISA strongly encourages all organizations to take the CSET Ransomware Readiness Assessment, available at https://github.com/cisagov/cset/releases/tag/v10.3.0.0.
(Source: CISA)
CISA is developing a catalog of Bad Practices
As recent incidents have demonstrated, cyberattacks against critical infrastructure can have significant impacts on the critical functions of government and the private sector. All organizations, and particularly those supporting designated Critical Infrastructure or National Critical Functions (NCF) should implement an effective cybersecurity program to protect against cyber threats and manage cyber risk in a manner commensurate with the criticality of those NCFs to national security, national economic security, and/or national public health and safety.
CISA is developing a catalog of Bad Practices that are exceptionally risky, especially in organizations supporting Critical Infrastructure or NCFs. The presence of these Bad Practices in organizations that support Critical Infrastructure or NCFs is exceptionally dangerous and increases risk to our critical infrastructure, on which we rely for national security, economic stability, and life, health, and safety of the public.
Entries in the catalog will be listed here as they are added.
(Source: CISA)
Microsoft: SolarWinds hackers continue to target IT companies
Microsoft says it has observed new activity associated with Nobelium, the Russia-linked threat actor that compromised IT management and monitoring solutions provider SolarWinds.
The SolarWinds attack was brought to light in early December 2020 and it involved compromising SolarWinds’ Orion monitoring product to deliver trojanized updates to the company’s customers worldwide, in an effort to breach their networks.
On Friday, Microsoft revealed that it recently observed password spray and brute-force attacks associated with current Nobelium activity, with targets identified in 36 countries.
(Source: Security Week)
BIOS Disconnect: new high-severity bugs affect 128 Dell PC and tablet models
Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device.
In all, the flaws affect 128 Dell models spanning across consumer and business laptops, desktops, and tablets, totaling an estimated 30 million individual devices. Worse, the weaknesses also impact computers that have Secure Boot enabled, a security feature designed to prevent rootkits from being installed at boot time in memory.
CISA’s National Cyber Awareness System encourages users and administrators to review the Dell Security Advisory DSA-2019-084 and apply the necessary update.
(Source: The Hacker News)
NSA shares guidance on securing voice, video communications
The National Security Agency (NSA) has shared mitigations and best practices that systems administrators should follow when securing Unified Communications (UC) and Voice and Video over IP (VVoIP) call-processing systems.
Since these communication systems are tightly integrated with other IT equipment within enterprise networks, they also inadvertently increase the attack surface by introducing new vulnerabilities and the potential for covert access to an organization's communications. Improperly secured UC/VVoIP devices are exposed to the same security risks and targeted by threat actors through spyware, viruses, software vulnerabilities, and other malicious means if not adequately secured and configured.
Visit the NSA’s website to read the abridged and full versions of NSA’s guidance.
(Source: Bleeping Computer)
|
|
The InfoGram is distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. |
|
Fair Use Notice: This InfoGram may contain copyrighted material that was not specifically authorized by the copyright owner. The EMR-ISAC believes this constitutes “fair use” of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond “fair use,” you must obtain permission from the copyright owner.
Disclaimer of Endorsement: The appearance of external hyperlinks does not constitute endorsement of the linked websites or the information, products or services contained therein. Reference to any specific commercial products, process or service by trade name, trademark, manufacturer or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the EMR-ISAC or the U.S. government.
Section 504 Notice: Section 504 of the Rehabilitation Act requires that FEMA grantees provide access to information for people with disabilities. If you need assistance accessing information or have any concerns about access, please contact FEMAWebTeam@fema.dhs.gov.
|
|
|
|
|