group 1 malefactors n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Group 1 Malefactors PowerPoint Presentation
Download Presentation
Group 1 Malefactors

Loading in 2 Seconds...

play fullscreen
1 / 98

Group 1 Malefactors - PowerPoint PPT Presentation


  • 103 Views
  • Uploaded on

Group 1 Malefactors. Tasks for Group 1. Describe the best candidate agents (chemical and biological) that could be used to attack this system. Why are these preferable? What sorts of physical attacks could be used? What are the best alternatives for: hurting people? spreading fear?

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Group 1 Malefactors' - dacian


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
tasks for group 1
Tasks for Group 1
  • Describe the best candidate agents (chemical and biological) that could be used to attack this system.
    • Why are these preferable?
  • What sorts of physical attacks could be used?
  • What are the best alternatives for:
    • hurting people?
    • spreading fear?
    • hurting the economy?
  • Which approach most cost-effective?
  • Which approach is most difficult to detect?
  • What are the types of personnel needed to have an effective system to address these issues?
tools for group 1
Tools for Group 1
  • Maps of the city and water system
  • Description of the water system
  • Lists of:
    • Potential organisms
    • Potential toxins
  • Information on organisms/toxins:
    • NOEL
    • Infective dose
    • Chlorine resistance
weapons of mass destruction
Weapons of Mass Destruction
  • Weapons of Mass Destruction (WMD)
    • Nuclear weapons or improvised nuclear device
    • Radiological material dispersal device
    • Chemical weapons
    • Biological agents
    • Bombs
biological agent characteristics
Biological Agent Characteristics
  • Produce delayed effects
  • Do not penetrate unbroken skin
  • Do not evaporate
  • More toxic than chemicals by weight
  • Undetectable by senses
  • Difficult to detect in the field
biological agent characteristics continued
Biological Agent Characteristics (continued)
  • Most effectively disseminated as aerosols
  • Range of effects
  • Obtained from nature
  • Multiple routes of entry
  • Destroyed by environment (UV light)
  • Some are contagious
slide8

Enhanced Potential of Agents to Contaminate Drinking Water

  • Resistance to disinfectants at normal concentrations
  • Resistance to boiling for 1 to 3 minutes
  • A low oral infectious dose
  • Easy availability
  • Easy to culture without sophisticated equipment
  • Survival in water for long periods of time
  • Difficult to remove by common water treatment practices
tasks for group 2
Tasks for Group 2
  • Describe the vulnerability assessment process.
  • What are the vulnerable components of the Redmond system?
  • What types of protections could be put into place to fortify the system?
    • What are the potential costs of these fortifications?
  • What are the types of personnel needed to have an effective system to address these issues?
tools for group 2
Tools for Group 2
  • Maps of the city and water system
  • Description of the water system
  • Outline of the vulnerability assessment process
  • Potential vulnerabilities
  • Security products
public law 107 188
Public Law 107-188
  • Bioterrorism Preparedness and Response Act of 2002.
  • Requires all cities with a population of over 3300 to conduct a vulnerability assessment (VA) of their water systems (by end of 2004).
  • Incorporate results of VA into Emergency Response Plan (ERP).
  • Obtain EPA certification of ERP.
6 elements of vulnerability assessments
6 Elements of Vulnerability Assessments
  • 1. Characterization of the water system, including its mission and objectives
  • 2. Identification and prioritization of adverse consequences to avoid
  • 3. Determination of critical assets that might be subject to malevolent acts that could result in undesired consequences
6 elements of vulnerability assessments1
6 Elements of Vulnerability Assessments
  • 4. Assessment of the likelihood (qualitative probability) of such malevolent acts from adversaries
  • 5. Evaluation of existing countermeasures
  • 6. Analysis of current risk and development of a prioritized plan for risk reduction
1 characterization of the system
1. Characterization of the System
  • What are the important missions (customers) of the system?
    • General public - Industrial
    • Government - Critical Care
    • Military - Retail Operations
    • Firefighting
characterization of the system
Characterization of the System
  • What are the most important facilities, processes, and assets of the system?
    • Utility facilities
    • Operating procedures
    • Water sources (ground water/surface water)
    • Management practices
    • Treatment processes
    • Storage methods/capacity
    • Chemical use/storage
    • Distribution system
2 identification and characterization of adverse consequences to avoid
2. Identification and Characterization of Adverse Consequences to Avoid
  • Impacts that could disrupt supply of safe and reliable water or cause public health concerns
  • Ranges of consequences for impacts:
    • Magnitude of service disruption
    • Economic impact
    • Number of illnesses/deaths
    • Impact on public confidence
    • Chronic problems
    • Other indicators of the impact of each event
3 determination of critical assets that might be subject to malevolent acts
3. Determination of Critical Assets that Might be Subject to Malevolent Acts
  • Could include:
    • Physical damage or destruction of critical assets
    • Contamination of water
    • Intentional release of stored chemicals
    • Interruption of electricity or other infrastructure interdependencies
4 assessment of the likelihood of malevolent acts
4. Assessment of the Likelihood of Malevolent Acts
  • Moving from what is possible to what is likely
  • Very difficult task
  • “Baseline Threat Information for Vulnerability Assessments of Community Water Systems”
    • Sensitive document prepared by EPA and supplied to community water systems serving more than 3,300 people.
5 evaluation of existing countermeasures
5. Evaluation of Existing Countermeasures
  • What capabilities does the current system employ for detection, delay, and response?
    • Detection
      • Intrusion detection systems
      • Water quality monitoring
      • Operational alarms
      • Guard post orders
      • Employee security awareness
evaluation of existing countermeasures
Evaluation of Existing Countermeasures
  • Delay
    • Locks and key control
    • Fencing
    • Structure integrity for critical assets
    • Vehicle access checkpoints
  • Response
    • Policies and procedures for evaluation and response to:
      • Physical intrusion
      • System malfunction alarms
      • Adverse water quality indicators
      • Cyber system intrusions
6 analysis of current risk and development of a prioritized plan for risk reduction
6. Analysis of Current Risk and Development of a Prioritized Plan for Risk Reduction
  • Analyze information from steps 1-5 to determine current level of risk
  • Are current risks acceptable or should risk reduction measures be pursued?
  • Recommended actions should measurably reduce risks by reducing vulnerabilities and/or consequences through improved deterrence, delay, detection, and/or response
slide34

Top 10 Cyber Vulnerabilities

  • Operator station logged on all the time (with or without operator present)
  • Physical access to the SCADA equipment relatively easy
  • Unprotected SCADA network access from DSL or dial-up modems
  • Insecure wireless access points on the network
  • Most of the SCADA networks directly or indirectly connected to the Internet
slide35

Top 10 Cyber Vulnerabilities

  • No firewall installed or the firewall configuration is weak or unverified
  • System event logs not monitored
  • Intrusion detection systems not used
  • Operating and SCADA system software patches not routinely applied
  • Network and/or router configuration insecure: passwords not changed from default
security products epa gov safewater security guide
Security Products(epa.gov/safewater/security/guide)
  • Cyber Protection Products
    • Firewalls
    • Anti-virus and pest eradication software
    • Network intrusion hardware/software
physical asset monitoring and control products
Physical Asset Monitoring and Control Products
  • Backflow prevention devices
  • Exterior intrusion buried sensors
  • Fences
  • Films for glass-shatter protection
  • Fire hydrant locks
  • Ladder access control
  • Locks
  • Manhole locks
  • Security for doorways
  • Valve lockout devices
  • Visual surveillance monitoring
tasks for group 3
Tasks for Group 3
  • Describe the system that should be in place to detect an attack (through the health care system) involving chemical, radiological, or biological agents.
    • Who would need to be communicating with whom?
    • Who should report a potential problem?
      • To whom?
    • What do you think the pre-defined thresholds (excess cases) of symptoms should be?
    • Should we be testing patients for exposure to potential agents?
    • What are the infra-structure needs/costs to put such a system in place?
  • Describe the potential indicators of an attack (syndromes, epi clues)
  • What are the types of personnel needed to have an effective system to address these issues?
tools for group 3
Tools for Group 3
  • Lists of: (in Group 1 section)
    • Potential organisms (in Group 1 section)
    • Potential toxins
  • Information on organisms/toxins: (in Group 1 section)
    • NOEL
    • Infective dose
  • Epidemiological indicators/sentinel clues
  • Syndromic surveys
identifying an event
Identifying an Event
  • Illness may be the first indication that an event has occurred.
  • Epidemiological clues (sentinel clues) can be used to identify and confirm a CBR exposure event.
epidemiological indicators and sentinel clues
Epidemiological Indicators and Sentinel Clues
  • Record number of severely ill or dying patients over short period
  • Very high attack rates (>60%)
  • Severe and frequent disease in previously health patients
  • Increased and early presentation of disease in vulnerable populations (elderly, immunocompromised)
epidemiological indicators and sentinel clues1
Epidemiological Indicators and Sentinel Clues
  • “Impossible” epidemiology
    • Naturally occurring diseases diagnosed in regions where the disease has not previously occurred.
  • >normal number of patients with gastrointestinal, respiratory, neurologic, or fever diagnoses
  • Record number of fatal cases with few recognizable signs and symptoms
  • Localized areas of disease in specific areas (neighborhoods)
  • Multiple infections at single locations (school, hospital, nursing home) with unusual or rare pathogen
epidemiological indicators and sentinel clues2
Epidemiological Indicators and Sentinel Clues
  • Lack of response or clinical improvement of patients to traditional treatment
  • Near simultaneous outbreaks of similar or different epidemics at the same or different locations indicating a pattern of agent release
  • Endemic disease presenting during an unusual time of the year
  • Endemic disease presenting in a community where the normal vector is absent
epidemiological indicators and sentinel clues3
Epidemiological Indicators and Sentinel Clues
  • Unusual temporal or geographic clustering of cases attending a common public event
  • Increased patient presentation with acute neurologic illness or cranial nerve impairment with progressing generalized weakness
  • Unusual or uncommon route of exposure of a disease
    • Illness resulting from a waterborne agent not normally found in the water environment
syndromic surveys
Syndromic Surveys
  • Monitoring of disease through grouping of cases into syndromes rather than specific diagnoses
    • Certain syndromes may be characteristic of terrorist activity
types of syndromic disease clustering potentially indicating cbr exposure
Types of Syndromic Disease Clustering Potentially Indicating CBR Exposure
  • Gastrointeritis of an apparent infectious etiology, acute toxic chemical exposure, or possible acute radiation exposure
  • Upper and lower respiratory disease with fever and sudden death of previously healthy patients
  • Rash of synchronous skin lesions and fever, reddened skin, radiation burns
  • Suspected meningitis, encephalitis, encephalopathy
types of syndromic disease clustering potentially indicating cbr exposure1
Types of Syndromic Disease Clustering Potentially Indicating CBR Exposure
  • Sepsis or non-traumatic shock
  • Unexplained death with a history of fever
  • Advancing cranial nerve impairment with progressive generalized weakness
tasks for group 4
Tasks for Group 4
  • What actions should be taken in the event that a threat is made?
  • Describe the monitoring systems that are available to detect contaminants.
    • Where should these be placed in the Redmond system?
    • What do anticipate the costs that it would take to implement such a system?
      • Personnel and capital
  • Describe potential alternative water supplies for the citizens of Redmond.
  • What are the types of personnel needed to have an effective system to address these issues?
tools for group 4
Tools for Group 4
  • Maps of the city and water system
  • Description of the water system
  • Lists of: (in Group 1 section)
    • Potential organisms
    • Potential toxins
  • Information on organisms/toxins: (in Group 1 section)
    • NOEL
    • Infective dose
    • Chlorine resistance
  • How to respond to a threat
  • Characteristics of early warning systems
  • Early warning methods
    • Early warning systems currently in-place
  • How to identify alternative water supplies
types of terrorism attacks
Types of Terrorism Attacks
  • No Notice Incident
    • Calls to 9-1-1 & EMS responses
    • Medical community response
    • Epidemiology
  • Warning Provided
    • Detection and Sampling
responding to a threat
Responding to a Threat
  • Identify the threat
  • Immediately notify officials
  • Assess and respond to the threat
  • Communicate with others
  • Consider additional water testing
1 identify the threat
1. Identify the Threat
  • Take any suspicious activity or evidence of vandalism or sabotage seriously
  • Notify your chain of command immediately
  • Designate a response coordinator
  • Document what you see and keep notes
primary indicators of threat
Primary Indicators of Threat
  • Verbal or written threats
      • Should threats be taken seriously?
      • Who should you notify?
      • What actions to take?
    • Classification of Threats
      • Possible
      • Credible
      • Confirmed
  • Locks found off or broken
  • Suspect devices found
secondary indicators of threat
Secondary Indicators of Threat
  • Unusual Items
    • Containers (boxes, drums, bottles,

bags, …)

    • Ropes, pulleys, ladders
    • Additional pumps
    • Foreign objects in water
      • boats, rocks, material
    • Strange odors or colors of water
2 immediately notify officials
2. Immediately Notify Officials
  • Contact local law enforcement
  • Contact appropriate state/federal authorities
  • Alert other officials (local public health)
3 assess and respond to threat
3. Assess and Respond to Threat
  • Inspect facilities but do no disturb evidence
    • This may be a crime scene
  • If threat is credible, call the FBI
  • Pull together a response team
  • Determine if there is a biological, chemical, or physical disruption of supply
  • Determine need for immediate actions
    • Do not drink advisory
    • Boil water advisory
assess and respond to threat
Assess and Respond to Threat
  • If contamination is suspected, sample for indicators
  • Collect samples for future analysis and preserve accordingly
  • Conduct full assessment of facility
  • Develop a communication strategy and communicate with affected people
  • Determine alternative water sources
  • If appropriate, drain, clean, repair, and disinfect system
4 communicate with others
4. Communicate with Others
  • Designate one public spokesperson
    • Control of emotions, calm, in control, firm, polite
  • Identify key messages
  • Anticipate possible questions
    • Prepare answers
  • Never assume that what you say will be “off the record”
  • Avoid conjecture and blame
  • Keep communication succinct and to the point
5 consider additional water testing
5. Consider Additional Water Testing
  • Coliform bacteria
  • Heterotrophic Plate Count
    • >1000 suggests a problem
  • Chlorine Residual
  • Chlorine Demand
  • Total Organic Carbon
  • Total Halogenated Organic Carbon
  • Cyanide
consider additional water testing
Consider Additional Water Testing
  • pH
  • Conductivity
  • Turbidity
  • Fecal Coliform
  • Biomonitoring (Fish ventilatory response)
  • Rapid Microbiological toxicity
  • Consumer complaints
security products epa gov safewater security guide1
Security Products(epa.gov/safewater/security/guide)
  • Cyber Protection Products
    • Firewalls
    • Anti-virus and pest eradication software
    • Network intrusion hardware/software
slide67

Characteristics of an Early Warning System

  • Rapid response time
    • Time from the point of sensor detection to reporting and response – hours to minutes
  • Fully automated
    • No operator present, 24 hour operation
  • Screens for a wide range of contaminants
    • Expensive and technically challenging
    • Difficult to distinguish between harmful and benign substances
slide68

Characteristics of an Early Warning System

  • Specific for the contaminant of concern
    • Able to distinguish between harmful and benign
  • Sufficient sensitivity
    • Need to be sufficiently sensitive to provide quantification of agents at the lowest level that poses a threat
  • Low occurrence of false positives and false negatives
    • Not possible to eliminate but must be known
slide69

Characteristics of an Early Warning System

Characteristics of an Early Warning System

  • High rate of sampling
    • As frequently as is possible
  • Reliable and rugged
    • Be able to withstand field conditions
  • Requires minimal skill and training
    • Should not require excessive skill/training to operate or maintain or to interpret results
  • Affordable
    • The cheaper they are, the more that they will be used
slide70

Early Warning Monitoring Methods

  • Physical analyses
    • Turbidity
    • Conductivity
    • Temperature
    • Odor
  • Chemical analyses
    • On-line probes
      • pH, ions, ammonium, nitrate, cyanide, metals
slide71

Early Warning Monitoring Methods

Early Warning Monitoring Methods

  • Chemical analyses (cont.)
    • Dissolved oxygen
      • Detects presence of oxygen demanding substances (sewage)
    • Nitrate and ammonia
    • Metals
      • Anionic stripping voltametry/polarography
        • Used in Europe, restricted to certain metals
      • Colorometric methods
      • Atomic absorption spectrometry
      • Inductively coupled plasma spectroscopy
slide72

Early Warning Monitoring Methods

  • Chemical analyses (cont.)
    • General organic chemicals
      • Total organic carbon
      • UV absorption
    • Oxygen demand
    • Oil and petroleum
      • Fluorescence oil detectors
    • Organic chemicals
      • $30 – 100K
slide73

Early Warning Monitoring Methods

  • Chemical analyses (cont.)
    • Pesticides
      • GC/MS
        • 100K
      • ELISA
        • Available for some
  • Radiation detection equipment
      • Radiation detection equipment for monitoring personnel and packages
      • Radiation detection equipment for monitoring water assets
slide74

Early Warning Monitoring Methods

Early Warning Monitoring Methods

  • Microbiological analyses
    • Conventional methods are slow (days)
    • DNA probes, DNA microchip arrays (hours)
  • Bioalarms
    • Monitor behavior of fish or Daphnia
biological detection process
Biological Detection Process
  • Collect samples
  • Generic detection
    • Particle sizer
    • Biological agent characteristics
  • Identification kits
  • Clinical laboratory
slide76

Early Warning Systems Currently In-place

  • Ohio River Valley Water Sanitation Commission
    • Organics Detection System
      • 15 gas chromatographs
  • Rhine River – used by millions as water supply
    • 30 monitoring stations
      • Biomonitors using fish, Daphnia, mussels, algae, bacteria
slide77

Early Warning Systems Currently In-place

  • River Dee - Wales and England
    • On-line monitors for formaldehyde, ammonia, phenol, VOCs, herbicides, and other parameters
  • Yodo River – Japan
    • Biomonitoring stations, TOC and UV monitors, Gas chromatography
  • River Trent – UK
    • On-line monitoring of VOCs, nitrogen species, TOC, Ion chromatography, oils
slide78

Early Warning Systems Currently In-place

  • St. Clair River – Canada
    • Hourly on-line monitoring for 20 VOCs.
need for alternative supply
Need for Alternative Supply
  • Water is a critical resource for health, healthcare, business, and public health
  • Lack of water could cause panic
alternate supply for consumer use
Alternate Supply for Consumer Use
  • Identify agencies, companies, contractors, surrounding communities, and related utilities, as appropriate
  • Establish mutual aid agreements with companies, contractors, surrounding communities, and related utilities, as appropriate
  • Maintain phone numbers for entities that could assist in providing alternate water supplies
alternate supply for consumer use1
Alternate Supply for Consumer Use
  • Advise consumers to maintain emergency supply of water (bottled water)
  • Identify optimal locations for parking water tankers and distributing bottled water.
  • Identify ways to use only uncontaminated water sources if multiple contributing water sources are available.
possible contacts for alternate water supply
Possible Contacts for Alternate Water Supply
  • Local businesses (dairies, well drillers, distributors with tank trucks that can carry water)
  • Companies that might have chlorinators or generators for disinfection
  • Irrigation supply companies with pipe that can extend water supply lines
  • Bottle manufacturers that could provide milk jugs, other containers to transport water to the affected community
possible contacts for alternate water supply1
Possible Contacts for Alternate Water Supply
  • Hospitals and universities may maintain backup water supplies for industrial processes
  • Local industries may also have backup water supplies for industrial purposes
  • Some local citizens may have well water sources that can be utilized.
  • Local authorities may permit the utility to pump and treat an available water source
public guide to water purification
Public Guide to Water Purification*
  • Straining- Water containing sediment or floating material can be strained through a cloth or paper filter as the first step in the purification process.
  • Boiling
  • Chemical Sterilization (chlorine bleach)-
  • Chemical Sterilization (iodine)-
  • Filtration Devices- Such as those used for camping and backpacking may also be used to purify water from natural sources.

*Water that officials report has been contaminated with toxic chemicals or radioactive materials should not be purified using home decontamination methods

alternate water sources in the home
Alternate Water Sources in the Home*
  • Ice Cubes
  • Chilled Water stored in the refrigerator
  • Hot water tank
  • Toilet tank (Not toilet bowl. If cleaners have been added to tank, do not use.)
  • Water pipes
  • Rainwater, spring water, ponds, rivers, lakes (Purify these sources before use.)

*(Note: Any of these listed sources may contain contaminated water if filled in the timeframe of the contamination incident.)

tasks for group 5
Tasks for Group 5
  • Develop risk communication strategies for the following scenarios:
    • Physical disruption of service
    • Fake attack
    • Idle (passive) threat to the media
    • Toxin added to service lines
    • Biological agent added to service lines
slide90

Tasks for Group 5

  • Who would you notify first?
  • How would you notify the public?
  • What is the content of your message?
    • What actions would you tell the public to take?
  • Who should be delivering the message?
    • Mayor
    • Commissioner of Health
  • What are the types of personnel needed to have an effective system to address these issues?
tools for group 5
Tools for Group 5
  • Maps of the city and water system
  • Description of the water system
  • Lists of: (in Group 1 section)
    • Potential organisms
    • Potential toxins
  • Information on organisms/toxins: (in Group 1 section)
    • NOEL
    • Infective dose
  • How to respond to a threat (in Group 4 section)
  • How to decide appropriate notification technique
  • Potential target audience
  • Content/format of notification
how to decide what type of public notification technique is appropriate
How to Decide What Type of Public Notification Technique is Appropriate
  • Evaluate the credibility of the threat and potential consequences. Is notification appropriate?
  • Are operational response actions adequate to protect public health?
  • Consult with appropriate officials regarding public notification options.
  • Is the contaminant known?-Yes: If advisable, issue a ‘boil water notice.’-Yes: If risk of dermal exposure or inhalation, issue a ‘do not drink’ notice.-No: Issue a ‘do not use’ notice.
target audience
Target Audience
  • People served by the water system include renters and transients, not only billed customers.
  • Give sensitive subpopulations priority (daycares, nursing homes, etc.)
  • Critical Care Facilities:
    • Hospitals, Clinics, Dialysis Centers,etc.
  • Schools
  • Businesses:
    • Food/drink makers, commercial ice makers, restaurants, agricultural operations, power generation facilities
content of notification
Content of Notification
  • Content should be part of planning, not developed during crisis.
  • Copy of should be sent to primacy agency.
  • Description of incident, contaminant(s), and information on how contaminant(s) entered water supply.
  • Potential health effects, population at risk
  • Whether alternative water supplies should be used, possibly listing locations of alternative water supplies.
  • Actions consumers should take (boiling, do not use, do not drink, conservewater)
content of notification1
Content of Notification
  • When consumers should seek health care (e.g. what symptoms to watch for)
  • Actions being taken to correct the situation
  • Expected duration of emergency
  • Name, business address, and phone number for additional information
format of notification
Format of Notification
  • Displayed in a conspicuous way when printed or posted
  • Should not contain overly technical language or small print
  • Assume consumers only read top half of notice (or what can be read in 10 seconds)
  • Try to limit wordiness in notice. Q&A and bullet/number formats are particularly effective.
  • Highlight the name of the water utility, especially if more than one water service is in use.
notification of special populations
Notification of Special Populations
  • Identify ways to notify visually and hearing-impaired populations and meet their needs.
  • In the case of multilingual communities, issue non-English warnings.
    • 10% of the population being non-English speaking usually warrants multilingual warnings.
  • Make notices easy to read in all languages. Some consumers may not have strong reading skills.
methods of delivery
Methods of Delivery
  • Government access channels
  • Web sites (local government and others)
  • Listserve e-mail
  • Newspaper
  • Phone banks
  • Broadcast phone messages (“reverse 911” messages)*
  • Broadcast faxes
  • Mass distribution through community centers
  • Door-to-door canvassing
  • Town hall meetings
  • Regular/special partner conference calls