This is part 2 of StateScoop’s “10 things ‘I wish I had known’ before the disaster hit.” Read about “information paralysis,” the value of threat intelligence and the importance of data standardization in part 1.
5. Don’t underestimate the danger of cyberattacks
There’s a misconception in some public safety circles that cybersecurity is a concern penned off inside the virtual world, a place where hackers steal credit card data and disrupt websites, but can’t affect the physical world. John Halsema is here to let everyone know that’s completely untrue.
Halsema is a former U.S. Navy submarine commander and chief technology officer for the ARES Security Corporation, a firm that provides tools and security consulting to facilities where a breach would be disastrous, such as nuclear power plants. The odds are stacked against the good guys, he said, and it’s critical to understand what’s at stake beyond the virtual world.
He said it’s a game of asymmetric warfare, in which every dollar spent by terrorists needs thousands spent by defenders to stop them. Coordinated and well-financed operations like the Stuxnet attack on Iran’s nuclear facility are rare, but it doesn’t take an attack of that sophistication to cause severe damage or incite panic, Halsema said.
One scenario his company offers its nuclear facility clients is a fictional cyberattack that disables the facility’s physical security systems. A cyberattack launched in coordination with a physical attack provides a “massive force-multiplier,” Halsema said, but a terrorist doesn’t need to blow up a reactor to generate a level of political instability that could cause massive disruption to a society.
“[As an attacker, I could] paralyze politically and economically, perhaps, without even shutting the power off,” Halsema said. “Because maybe I can get them to shut all the nuclear reactors down. Maybe I can convince them it’s another Fukushima and they’re going to shut down all the reactors in the United States. And if you did that, we’ve got a big problem. We can’t produce enough power.”
How plausible is a scenario like this? Halsema says no one can be sure.
“The question of success is something I really don’t want to go into,” he said. “But the probability of an attack is very, very high.”
6. Continue communicating and monitoring data channels through the event
There’s a phenomenon in emergency response in which there’s an initial surge of information, then suddenly emergency responders either become overwhelmed by too much information or become too busy to provide new updates to their teams. David Barnes, the director of emergency management for Oklahoma County, said it’s critical that emergency managers make the most of their communications channels and continue providing updates after the initial surge of updates.
With all the new technologies providing various data streams today, Barnes said, managing the level of communication and information input is a balancing act.
“At the outset, it’s going to go two ways,” said Barnes, whose agency covers Oklahoma City and the surrounding area. “You’re either not going to have enough information to make good, clear decisions, or you’re going to be overwhelmed with a ton of information that forces you to sort through that information and actually determine what’s accurate.”
Having an abundance of information is a boon, Barnes said, and it’s important to continue using it through an event’s response, and not simply make an initial decision at the outset and then shut out all new information.
As a former assistant fire chief, Barnes helped with coordination and response following the 1995 Oklahoma City bombing. A big lesson from that event, he said, was that “anything can happen anywhere.”
“I’m a really big proponent of awareness and to be adequately aware of any potential threat,” Barnes said. “Particularly with severe weather, it’s critical you have multiple sources of information. If you rely on just one and something occurs to it and the validity is compromised, you’ve got yourself in a serious situation. Technology definitely helps us improve that by giving us multiple resources for gathering that information.”
7. Public safety technology is made to be broken
Pete Gomez, Miami’s assistant fire chief, has more than 30 years of experience in public safety, but his process for evaluating the resiliency of his technology has remained the same: “Test it until it breaks, then test it again.”
“That’s kind of what we do,” Gomez said. “Can we break it? I want to show somebody that it doesn’t work, then have them fix it for me. That’s how we get these things to where they need to be. We do that with all kinds of things, like our self-contained breathing apparatus or our bunker gear.”
Much of the technology Gomez and his team rely on is network-connected, he said, leading to headaches and successes in the field, and even further examination into the devices’ durability.
“A big component of ours is communication — no matter where we go, where we’ve been and what we’ve done, communication at some point always fails us,” he said. “Whether it’s long-term or short-term, we always have some kind of hiccup with communications, which I view as an IT component.”
Gomez had the opportunity to put this strategy to the test earlier this year, he said, when he and his colleagues were invited to the state’s Emergency Operations Center in Tallahassee to explore Florida’s newest situational awareness technology.
“They brought public safety officials from across the state up there and said, ‘Hey let’s put this thing through its test, through its paces, find out its weaknesses and everything,’” Gomez said.
That style of testing, breaking, repairing and breaking again is standard for public safety officials, Gomez said.
“A lot of times, you have to be very careful,” Gomez said, “because a lot of these technology companies will offer you the world. The tech person that’s introducing it to you can slide through the systems when you go to use it. In reality, it’s not as friendly.”
Read part 3 of StateScoop’s “10 things ‘I wish I had known’ before the disaster hit,” in which public safety experts discuss the essential tasks of staying connected with the public at all times and outlining worst-case contingencies ahead of time.