Infogram

November 15, 2001

NOTE: This INFOGRAM will be distributed weekly to provide members of the emergency services sector with news and information concerning the protection of their critical infrastructures. For further information please contact the U.S. Fire Administration's Critical Infrastructure Protection Information Center at (301) 447-1325 or e-mail at usfacipc@dhs.gov.

Establishing a Department CIP Program

The dreadful attacks of 11 September should provide all fire and emergency medical service departments with enough justification to immediately implement a critical infrastructure protection (CIP) program. Remember, the purpose of CIP is to protect the critical physical and cyber systems upon which survivability and mission accomplishment depend. However, if the threat of terrorism itself does not motivate action, then recall that the CIP process also mitigates or eliminates the devastation of fire and EMS critical assets caused by nature and HazMat accidents.

The USFA CIPIC will provide assistance (via telephone, electronic mail, or facsimile) to any department that desires to establish a CIP program. With or without CIPIC consultation, department leaders can initiate the following actions to protect their critical infrastructures from deliberate, natural, or accidental attacks:

Win support of the department leadership and orient the CIP program to them.
Establish the relationship between the organization's mission and the purpose of CIP.
Brief all personnel regarding the necessary connection between CIP and mission.
Focus the program on the practice of the CIP process.
Practice operations security (protecting sensitive information) concurrently with CIP.
Remain vigilant for threat advisories and new CIP trends, methods, and conditions.

Fire and EMS Critical Infrastructures

Depending on how it is used, the term "critical infrastructures" can be confusing. Any attempt to reduce the mystery should begin with the fact that critical infrastructures are those physical and cyber assets essential for mission accomplishment. For further clarification, they are the people, things, or systems that will seriously degrade or prevent survivability and mission success if not intact and operational. Although there are many similarities, the differences in physical and cyber systems among individual departments necessitate that senior leaders identify their own critical infrastructures.

Some examples of the critical infrastructures common among fire and emergency medical service departments are:

Firefighters and Emergency Medical Service personnel.
Fire and EMS stations, apparatus, and communications.
Public Safety Answering Points (or 9-1-1 Centers).
Computer-aided dispatch and computer networks.
Pumping stations and water reservoirs for major urban areas.
Major roads and highways serving large population areas.
Bridges and tunnels serving large population areas.

Protecting Critical Infrastructures

The critical infrastructures listed above were selected because their daily status will directly affect whether or not a fire or EMS department can successfully perform assigned missions. If department leaders follow the CIP process and determine any one of these examples to be threatened and vulnerable, then they should not accept risk. As necessary, they should seek local government assistance to apply protective measures as soon as possible.

Numerous critical infrastructures only indirectly influence the assets required for fire and EMS survivability and mission preparedness. These infrastructures have more direct consequence for other sectors of the nation, despite the fact that an incident at any one of them elicits action by emergency first responders.

The following are some examples of critical infrastructures having less impact on fire and EMS mission readiness and more influence on the functioning of other sectors of the nation:

Telecommunications facilities.
Electrical and nuclear power plants.
Crude and refined petroleum pipelines.
Oil and gas holding, refining, and processing facilities.
Aviation, rail, and ship conduits and support systems.
Water dams, pipelines, and filtration systems.

More About Operations Security

Last week's INFOGRAM stated that Operations Security (OPSEC) and Critical Infrastructure Protection (CIP) are closely related. As a reminder, OPSEC is about protecting sensitive "unclassified" information that can be exploited by adversaries to disrupt operations and cause catastrophic events. OPSEC intends to deny our enemies any sensitive information that will assist their efforts to identify vulnerable targets and plan future attacks.

Those who desire to destroy our nation will frequently attempt to influence a person into divulging sensitive information, granting unauthorized access to facilities, and permitting unauthorized use of information systems. These individuals are skillful at employing deception to persuade people into relinquishing information or access they normally would not have provided. They usually pretend to be someone they are not and will appeal to a victim's sympathy or ego by challenging the person's knowledge. Frequently, they will perform as someone in authority and demand information by way of intimidation. These deceitful characters capitalize on our human nature to be helpful and trusting, even naive. However, in our efforts to be pleasant and cooperative, we often and unwittingly disclose sensitive information and allow inappropriate access.

The fire and emergency medical services do have and use information which should be considered sensitive and for official use only. Following are some examples of information and access that should be actively restricted to only those who have the official need to know:

The numbers and positions of personnel.
The numbers and types of apparatus including equipment.
The numbers and types of communications assets including channels and frequencies.
Existing policies and standard operating procedures.
Existing department shortcomings or weaknesses.
Future upgrades in personnel, apparatus, and systems.

USFACIPC Weekly Lexicon: Protocols

(adapted from the Critical Infrastructure Glossary of Terms by the Critical Infrastructure Assurance Office)

A set of rules and formats that are agreed upon methods of communications used by computers. A specification that describes the procedures that products should follow to perform activities on a network, such as transmitting data.

FAIR USE NOTICE

This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.

Reporting Notice

DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by e-mail at NOC.Fusion@dhs.gov.

The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm

For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by e-mail at NICC@dhs.gov.

When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.

Weekly INFOGRAM's are now available as an RSS Feed. More Information »