Disaster Due Diligence February 27, 2009
Cyber security
HEADLINE: U.S. under growing cyber attacks
SUMMARY: The number of reported cyber attacks on U.S. government computers and networks increased by more than 40 percent last year. Most attacks were attempts to gain control of government systems or obtain sensitive information. President Obama last week ordered a thorough view of U.S. cyber security to protect the government's IT systems from security and economic threats.
STORY LINK: http://www.google.com/hostednews/afp/article/ALeqM5gdHQ4Odvow3BiHAqzcBagb2b8Qvg
ANALYSIS: If you are an independent malicious hacker or a state-sponsored hacker/terrorist, you have a logistical problem that every software developer struggles with: "How do you test your code on live data?" This becomes a critical question if the code you are developing is ultimately designed to be a cyber weapon or intelligence-gathering device.
If you test the early versions of your hacking code against high-profile U.S. government sites (the three-letter guys and the military) it’s likely flaws will tip your hand and allow your target to develop countermeasures, forcing a complete redesign and rewrite. A safer way to test your hacking code is by launching it against the private sector to prove its utility. Given that any keyboard connected to the Internet can reach out and touch any computer or Web site, the world becomes your proving ground.
As this article points out, 5,488 hacking attempts of interest were "tracked" by the U.S. government in 2008. But only 1 percent of government agencies are currently able to track a hacking attempt. That means we can estimate that there are at least 500,000 attempts a year launched against our government sites that are worth tracking to determine the identity of those behind the attacks. Extrapolate that out to include the private sector and the numbers are daunting -- at least 2-3 million attacks annually.
A vast majority of managers and top-level executives are of the opinion that it’s not their company, but the other guy who is being hacked. Most are wrong. Do this as a test: Ask the person responsible for your IT security how many times a day they fend off hacker attacks. If they know the answer off the top of their heads (they should) then your company is in good shape. If he or she doesn't have a clue, then you've got big problems and it’s possible someone from China is reading your e-mail.
Communicable illness
HEADLINE: Treatment for bird flu succeeds in mice
SUMMARY: Antibodies taken from humans could provide protection from lethal strains of influenza, including the bird flu, according to research published this week. H5N1 has killed or resulted in the deaths of millions of birds in several countries. More than 400 people have been infected with bird flu since 1997; the mortality rate is 65 percent.
Even if tested to be safe and effective, a human antibodies vaccine could take several years to be developed into a licensed product, according to a press release from National Institutes of Health.
STORY LINK: http://www.cnn.com/2009/HEALTH/02/20/flu.antibodies/index.html
ANALYSIS: There is hope. We discuss epidemics and pandemics, and it is easy to focus on doom and gloom. New discoveries point to new solutions over time. In the short term, the focus needs to be on prevention and identification. Former U.S. Surgeon General C. Everett Koop has stated that “we fight pandemics with the same weapons we used 100 years ago.”
Until vaccines are proven and available to everyone, policies for cleaning, hygiene, social distancing, visitors and travel are needed. Continuous monitoring is required with identified triggers to activate plans. All organizations need a communicable illness plan. It is important to focus on all communicable illnesses, not just H5N1 avian flu. The United Nations has stated that there is a 700 percent return on investment in preparedness vs. the cost of loss.
-- Jim Satterfield, Firestorm President/COO
HEADLINE: Officials investigate how bird flu viruses were sent to unsuspecting labs
SUMMARY: Vaccine manufacturer Baxter International Inc. made "experimental virus material" based on a human flu strain but contaminated it with the H5N1 avian flu virus and then distributed it to an Austrian company. That company then disseminated the supposed H3N2 virus product to subcontractors in the Czech Republic, Slovenia and Germany. Authorities in the four European countries are looking into the incident, and their efforts are being closely watched by the World Health Organization.
STORY LINK: http://ca.news.yahoo.com/s/capress/090225/health/health_contaminated_flu_vaccine?printer=1
ANALYSIS: This apparent accidental mixing of H5N1 and H3N2 is of concern. The nature of the product and the purpose of animal testing have not been revealed. That said, with the data reported (dead ferrets), certainly animal care personnel and perhaps laboratory workers as well were potentially exposed.
Should there be an appropriate re-assortment in an exposed and infected worker, then there is a chance for a new virus to emerge which would prove to be infectious for man. Lots of “ifs’’ here. The exposed workers are under appropriate medical surveillance and so far appear healthy.
Homeland security
HEADLINE: The Perilous State of Mexico
SUMMARY: With violence and corruption in an upward spiral, Mexico is waging a do-or-die battle with the world's most powerful drug cartels. Last year, more than 6,000 people died in drug-related violence in the country, which shares an almost 2,000-mile border with the United States. The death toll was more than twice the number of the previous year and some of the related violence has spilled over into U.S. border regions.
STORY LINK: http://online.wsj.com/article/SB123518102536038463.html
ANALYSIS: The recent increase in drug trafficking-related violence in Mexico is troubling, but not unprecedented. Columbia experienced similar upheavals; to a lesser extent even some U.S. cities have at times encountered dramatic increases in drug-related violence. Fortunately, as the article states, the majority of victims are directly related to the drug trade, either on the criminal side or law enforcement and government officials.
Persons traveling to Mexico would be well advised to take extra precautions. Frequent checking of State Department travel advisories is warranted. Avoid sparsely populated areas, unfamiliar places, and poorly travelled roads -- recommendations applicable to many countries with sizable populations living in poverty.
Ultimately, an enhanced sense of awareness and preparedness is what will keep you safe. Recognize that the “rules” that apply at home may not be applicable.
-- Don Donahue, Firestorm Expert Council member
Disaster preparedness
HEADLINE: Weather Monitoring Aids Disaster Mitigation
SUMMARY: A preparedness exercise by the State of Arizona Eastern Region illustrates the importance of weather as both a cause of disaster and a hazard for those responding to and mitigating a disaster. Adding weather monitoring and examination of weather-related factors into disaster planning can enhance responder effectiveness.
STORY LINK: http://www.columbiaweather.com/ArizonaExercise.html
ANALYSIS: Weather impacts everyone. Most continuity plans do not take weather into account. Winter in Buffalo, heat in the South and winds in Chicago all have impacts. Wildfires can create their own local weather pattern. Response time, access, communications and employee exposure during evacuation or response are impacted adversely by weather conditions. Disasters can happen when least expected and when conditions are adverse. Conducting a fire drill on a rainy or snowy day is realistic. Fires don’t wait for good weather. Disasters don’t occur when it is convenient. Predict. Plan. Perform.
-- Jim Satterfield, Firestorm President/COO
|
•
del.icio.us
digg
facebook
