group 1 malefactors n.
Skip this Video
Loading SlideShow in 5 Seconds..
Group 1 Malefactors PowerPoint Presentation
Download Presentation
Group 1 Malefactors

Group 1 Malefactors

105 Vues Download Presentation
Télécharger la présentation

Group 1 Malefactors

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Group 1Malefactors

  2. Tasks for Group 1 • Describe the best candidate agents (chemical and biological) that could be used to attack this system. • Why are these preferable? • What sorts of physical attacks could be used? • What are the best alternatives for: • hurting people? • spreading fear? • hurting the economy? • Which approach most cost-effective? • Which approach is most difficult to detect? • What are the types of personnel needed to have an effective system to address these issues?

  3. Tools for Group 1 • Maps of the city and water system • Description of the water system • Lists of: • Potential organisms • Potential toxins • Information on organisms/toxins: • NOEL • Infective dose • Chlorine resistance

  4. Weapons, organisms, toxins

  5. Weapons of Mass Destruction • Weapons of Mass Destruction (WMD) • Nuclear weapons or improvised nuclear device • Radiological material dispersal device • Chemical weapons • Biological agents • Bombs

  6. Biological Agent Characteristics • Produce delayed effects • Do not penetrate unbroken skin • Do not evaporate • More toxic than chemicals by weight • Undetectable by senses • Difficult to detect in the field

  7. Biological Agent Characteristics (continued) • Most effectively disseminated as aerosols • Range of effects • Obtained from nature • Multiple routes of entry • Destroyed by environment (UV light) • Some are contagious

  8. Enhanced Potential of Agents to Contaminate Drinking Water • Resistance to disinfectants at normal concentrations • Resistance to boiling for 1 to 3 minutes • A low oral infectious dose • Easy availability • Easy to culture without sophisticated equipment • Survival in water for long periods of time • Difficult to remove by common water treatment practices

  9. Treatment & Biological Agents

  10. Treatment & Biologic Agents

  11. Treatment & Biological Toxins

  12. Treatment & Biological Toxins

  13. Weaponization and Infective Dose of Biological Agents

  14. Weaponization and Infective Dose of Biological Agents

  15. Weaponization and Infective Dose of Biological Agents

  16. Weaponization and No Observed Adverse Effect Level (NOAEL) for Biotoxins

  17. Weaponization and No Observed Adverse Effect Level (NOAEL) for Biotoxins

  18. Relative Toxicity of Some Poisons in Water

  19. Group 2Public Utility Workers

  20. Tasks for Group 2 • Describe the vulnerability assessment process. • What are the vulnerable components of the Redmond system? • What types of protections could be put into place to fortify the system? • What are the potential costs of these fortifications? • What are the types of personnel needed to have an effective system to address these issues?

  21. Tools for Group 2 • Maps of the city and water system • Description of the water system • Outline of the vulnerability assessment process • Potential vulnerabilities • Security products

  22. Vulnerability Assessments

  23. Public Law 107-188 • Bioterrorism Preparedness and Response Act of 2002. • Requires all cities with a population of over 3300 to conduct a vulnerability assessment (VA) of their water systems (by end of 2004). • Incorporate results of VA into Emergency Response Plan (ERP). • Obtain EPA certification of ERP.

  24. 6 Elements of Vulnerability Assessments • 1. Characterization of the water system, including its mission and objectives • 2. Identification and prioritization of adverse consequences to avoid • 3. Determination of critical assets that might be subject to malevolent acts that could result in undesired consequences

  25. 6 Elements of Vulnerability Assessments • 4. Assessment of the likelihood (qualitative probability) of such malevolent acts from adversaries • 5. Evaluation of existing countermeasures • 6. Analysis of current risk and development of a prioritized plan for risk reduction

  26. 1. Characterization of the System • What are the important missions (customers) of the system? • General public - Industrial • Government - Critical Care • Military - Retail Operations • Firefighting

  27. Characterization of the System • What are the most important facilities, processes, and assets of the system? • Utility facilities • Operating procedures • Water sources (ground water/surface water) • Management practices • Treatment processes • Storage methods/capacity • Chemical use/storage • Distribution system

  28. 2. Identification and Characterization of Adverse Consequences to Avoid • Impacts that could disrupt supply of safe and reliable water or cause public health concerns • Ranges of consequences for impacts: • Magnitude of service disruption • Economic impact • Number of illnesses/deaths • Impact on public confidence • Chronic problems • Other indicators of the impact of each event

  29. 3. Determination of Critical Assets that Might be Subject to Malevolent Acts • Could include: • Physical damage or destruction of critical assets • Contamination of water • Intentional release of stored chemicals • Interruption of electricity or other infrastructure interdependencies

  30. 4. Assessment of the Likelihood of Malevolent Acts • Moving from what is possible to what is likely • Very difficult task • “Baseline Threat Information for Vulnerability Assessments of Community Water Systems” • Sensitive document prepared by EPA and supplied to community water systems serving more than 3,300 people.

  31. 5. Evaluation of Existing Countermeasures • What capabilities does the current system employ for detection, delay, and response? • Detection • Intrusion detection systems • Water quality monitoring • Operational alarms • Guard post orders • Employee security awareness

  32. Evaluation of Existing Countermeasures • Delay • Locks and key control • Fencing • Structure integrity for critical assets • Vehicle access checkpoints • Response • Policies and procedures for evaluation and response to: • Physical intrusion • System malfunction alarms • Adverse water quality indicators • Cyber system intrusions

  33. 6. Analysis of Current Risk and Development of a Prioritized Plan for Risk Reduction • Analyze information from steps 1-5 to determine current level of risk • Are current risks acceptable or should risk reduction measures be pursued? • Recommended actions should measurably reduce risks by reducing vulnerabilities and/or consequences through improved deterrence, delay, detection, and/or response

  34. Top 10 Cyber Vulnerabilities • Operator station logged on all the time (with or without operator present) • Physical access to the SCADA equipment relatively easy • Unprotected SCADA network access from DSL or dial-up modems • Insecure wireless access points on the network • Most of the SCADA networks directly or indirectly connected to the Internet

  35. Top 10 Cyber Vulnerabilities • No firewall installed or the firewall configuration is weak or unverified • System event logs not monitored • Intrusion detection systems not used • Operating and SCADA system software patches not routinely applied • Network and/or router configuration insecure: passwords not changed from default

  36. Security Products( • Cyber Protection Products • Firewalls • Anti-virus and pest eradication software • Network intrusion hardware/software

  37. Physical Asset Monitoring and Control Products • Backflow prevention devices • Exterior intrusion buried sensors • Fences • Films for glass-shatter protection • Fire hydrant locks • Ladder access control • Locks • Manhole locks • Security for doorways • Valve lockout devices • Visual surveillance monitoring

  38. Group 3Health System Workers

  39. Tasks for Group 3 • Describe the system that should be in place to detect an attack (through the health care system) involving chemical, radiological, or biological agents. • Who would need to be communicating with whom? • Who should report a potential problem? • To whom? • What do you think the pre-defined thresholds (excess cases) of symptoms should be? • Should we be testing patients for exposure to potential agents? • What are the infra-structure needs/costs to put such a system in place? • Describe the potential indicators of an attack (syndromes, epi clues) • What are the types of personnel needed to have an effective system to address these issues?

  40. Tools for Group 3 • Lists of: (in Group 1 section) • Potential organisms (in Group 1 section) • Potential toxins • Information on organisms/toxins: (in Group 1 section) • NOEL • Infective dose • Epidemiological indicators/sentinel clues • Syndromic surveys

  41. Identifying an Event • Illness may be the first indication that an event has occurred. • Epidemiological clues (sentinel clues) can be used to identify and confirm a CBR exposure event.

  42. Epidemiological Indicators and Sentinel Clues • Record number of severely ill or dying patients over short period • Very high attack rates (>60%) • Severe and frequent disease in previously health patients • Increased and early presentation of disease in vulnerable populations (elderly, immunocompromised)

  43. Epidemiological Indicators and Sentinel Clues • “Impossible” epidemiology • Naturally occurring diseases diagnosed in regions where the disease has not previously occurred. • >normal number of patients with gastrointestinal, respiratory, neurologic, or fever diagnoses • Record number of fatal cases with few recognizable signs and symptoms • Localized areas of disease in specific areas (neighborhoods) • Multiple infections at single locations (school, hospital, nursing home) with unusual or rare pathogen

  44. Epidemiological Indicators and Sentinel Clues • Lack of response or clinical improvement of patients to traditional treatment • Near simultaneous outbreaks of similar or different epidemics at the same or different locations indicating a pattern of agent release • Endemic disease presenting during an unusual time of the year • Endemic disease presenting in a community where the normal vector is absent

  45. Epidemiological Indicators and Sentinel Clues • Unusual temporal or geographic clustering of cases attending a common public event • Increased patient presentation with acute neurologic illness or cranial nerve impairment with progressing generalized weakness • Unusual or uncommon route of exposure of a disease • Illness resulting from a waterborne agent not normally found in the water environment

  46. Syndromic Surveys • Monitoring of disease through grouping of cases into syndromes rather than specific diagnoses • Certain syndromes may be characteristic of terrorist activity

  47. Types of Syndromic Disease Clustering Potentially Indicating CBR Exposure • Gastrointeritis of an apparent infectious etiology, acute toxic chemical exposure, or possible acute radiation exposure • Upper and lower respiratory disease with fever and sudden death of previously healthy patients • Rash of synchronous skin lesions and fever, reddened skin, radiation burns • Suspected meningitis, encephalitis, encephalopathy

  48. Types of Syndromic Disease Clustering Potentially Indicating CBR Exposure • Sepsis or non-traumatic shock • Unexplained death with a history of fever • Advancing cranial nerve impairment with progressive generalized weakness

  49. Hospitals in the Redmond Area

  50. Group 4Environmental Health Group