Makati City becomes the second Resilience Hub in Asia-Pacific

Agency News, Health & Social Care, Industry News, Water sector

The City of Makati in the Philippines is named as the second Resilience Hub of Making Cities Resilient 2030 (MCR2030) in the Asia-Pacific region on 27 September 2022.

Makati has already been recognized as a Role Model City of the MCR 2010-2020 initiative by sharing know-how and experiences for reducing disaster risk, building urban resilience with other cities and participating in regional forums.

Under the leadership of Mayor Mar-len Abigail S. Binay, the city has adopted the principle of “Resilience is everybody’s business” at all sectors of society to manage disasters and build urban resilience in the country.

“We’re committed to continuing the journey of advocating resilience as a way of life through a Resilience Hub by collaborating with our constituents, partners and other local government units,” said Ms. Binay.

The Chief of the Regional Office for Asia and the Pacific at the United Nations Office for Disaster Risk Reduction (UNDRR), Mr. Marco Toscano-Rivalta, congratulated the Mayor, the City of Makati and its people for their vision and determination to continue strengthening disaster resilience and supporting other cities along the resilience pathway.

“Disaster risk is local, and it is at the local level where leadership, partnerships and solutions make a difference. MCR2030 is a catalyst for local action, a platform for collaboration and sharing of knowledge to localize disaster risk management and the implementation of the Sendai Framework for Disaster Risk Reduction,” said Mr. Toscano-Rivalta.

Makati, also known as a financial hub of the country, has developed a three-year plan of the Resilience Hub, which focuses on creating and building an online knowledge portal. The portal’s objective is to enhance peer-to-peer support, and disseminate risk data, information and expertise by conducting workshops, seminars and events related to strengthening urban resilience towards disaster risk reduction.

The plan also aims to improve city-to-city cooperation by working with other local governments in the Asia Pacific Region and beyond, promote synergies between cities to learn from each other and other disaster risk reduction activities, including capacity building, disaster preparedness, response and prevention.

The city is also in the process of developing the Makati Disaster Risk Reduction and Management Academy to learn from its best practices, using case studies and knowledge bases from other cities, leveraging experiences from an international group of practitioners who already participated in the initiative.

Notably, the city has continually mainstreamed and institutionalized disaster risk reduction management across all levels of the city since signing up to the MCR campaign in 2010.

As one of the pilot cities applying MCR tools, Makati held multi-sectoral annual workshops, reviewed and reassessed the city’s progress in implementing the Ten Essentials for MCR2030 through the Local Government Self-Assessment Tool.

The city was one of the first municipalities to utilize the Disaster Resilience Scorecard for Cities, which was developed through then UNISDR’s collaboration with global technology companies such as IBM and AECOM.

In 2017, the city established a resilience roadmap called the Makati Disaster Risk Reduction and Management Plan, using the now adapted Disaster Resilience Scorecard. Makati used Disaster Resilience Scorecard for Cities - Public Health System Resilience Addendum to enhance the city’s disaster risk reduction management.

Leave a comment , , ,

UK and allies expose Iranian state agency for exploiting cyber vulnerabilities for ransomware operations

Agency News, Cyber Security CII sector, Industry News

The UK and international allies have issued a joint cyber security advisory highlighting that cyber actors affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC) are exploiting vulnerabilities to launch ransomware operations against multiple sectors.

Iranian-state APT actors have been observed actively targeting known vulnerabilities on unprotected networks, including in critical national infrastructure (CNI) organisations.

The advisory, published by the National Cyber Security Centre (NCSC) − a part of GCHQ − alongside agencies from the US, Australia and Canada, sets out tactics and techniques used by the actors, as well as steps for organisations to take to mitigate the risk of compromise.

It updates an advisory issued in November 2021 which provided information about Iranian APT actors exploiting known Fortinet and Microsoft Exchange vulnerabilities.

They are now assessed to be affiliated to the IRGC and are continuing to exploit these vulnerabilities, as well as the Log4j vulnerabilities, to provide them with initial access, leading to further malicious activity including data extortion and disk encryption.

Paul Chichester, NCSC Director of Operations, said:

"This malicious activity by actors affiliated with Iran’s IRGC poses an ongoing threat and we are united with our international partners in calling it out.

“We urge UK organisations to take this threat seriously and follow the advisory’s recommendations to mitigate the risk of compromise.”

The NCSC urges organisations to follow the mitigation set out in the advisory, including:

- Keeping systems and software updated and prioritising remediating known exploited vulnerabilities
- Enforcing multi-factor authentication
- Making offline backups of your data

This advisory has been issued by the NCSC, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), US Cyber Command (USCC), Department of the Treasury (DoT), the Australian Cyber Security Centre (ACSC) and the Canadian Centre for Cybersecurity (CCCS).

Leave a comment , , , ,

NSA, CISA: How Cyber Actors Compromise OT/ICS and How to Defend Against It

Agency News, Cyber Security CII sector, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published a Cybersecurity Advisory that highlights the steps malicious actors have commonly followed to compromise operational technology (OT)/industrial control system (ICS) assets and provides recommendations on how to defend against them.

“Control System Defense: Know the Opponent” notes the increasing threats to OT and ICS assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes. OT/ICS designs are publicly available, as are a wealth of tools to exploit IT and OT systems.

Cyber actors, including advanced persistent threat (APT) groups, have targeted OT/ICS systems in recent years to achieve political gains, economic advantages, and possibly to execute destructive effects. Recently, they’ve developed tools for scanning, compromising, and controlling targeted OT devices.

“Owners and operators of these systems need to fully understand the threats coming from state-sponsored actors and cybercriminals to best defend against them,” said Michael Dransfield, NSA Control Systems Defense Expert. “We’re exposing the malicious actors’ playbook so that we can harden our systems and prevent their next attempt.”

This joint Cybersecurity Advisory builds on previous NSA and CISA guidance to stop malicious ICS activity and reduce OT exposure. Noting that traditional approaches to securing OT/ICS do not adequately address threats to these systems, NSA and CISA examine the tactics, techniques, and procedures cyber actors employ so that owners and operators can prioritize hardening actions for OT/ICS.

Defenders should employ the mitigations listed in this advisory to limit unauthorized access, lock down tools and data flows, and deny malicious actors from achieving their desired effects.

Leave a comment , , ,

Large Constellations of Satellites: Mitigating Environmental and Other Effects

Agency News, Industry News, Space Sector

There are almost 5,500 active satellites in orbit as of spring 2022, and one estimate predicts the launch of an additional 58,000 by 2030. Large constellations of satellites in low Earth orbit are the primary drivers of the increase. Satellites provide important services, but there are potential environmental and other effects that this trend could produce (see figure).

Potential effects from the launch, operation, and disposal of satellites

For decades, satellites have been used for GPS, communications, and remote sensing. The number of satellites has recently increased, as thousands more have been launched to provide internet access.

But this increase may be disruptive. For example, it could lead to more space debris, which can damage existing satellites used for commerce or national security. We reviewed technologies and other tools to lessen potential effects. We also looked at mitigation challenges, like unclear rules and immature technology. To help address the challenges, we developed policy options, which may help policymakers achieve a variety of goals.

GAO assessed technologies and approaches to evaluate and mitigate the following potential effects:

- Increase in orbital debris. Debris in space can damage or destroy satellites, affecting commercial services, scientific observation, and national security. Better characterizing debris, increasing adherence to operational guidelines, and removing debris are among the possible mitigations, but achieving these is challenging.
- Emissions into the upper atmosphere. Rocket launches and satellite reentries produce particles and gases that can affect atmospheric temperatures and deplete the ozone layer. Limiting use of rocket engines that produce certain harmful emissions could mitigate the effects. However, the size and significance of these effects are poorly understood due to a lack of observational data, and it is not yet clear if mitigation is warranted.
- Disruption of astronomy. Satellites can reflect sunlight and transmit radio signals that obstruct observations of natural phenomena. Satellite operators and astronomers are beginning to explore ways of mitigating these effects with technologies to darken satellites, and with tools to help astronomers avoid or filter out light reflections or radio transmissions. However, the efficacy of these techniques remains in question, and astronomers need more data about the satellites to improve mitigations.

GAO developed the following policy options to help address challenges with evaluating and mitigating the effects of large constellations of satellites. GAO developed the options by reviewing literature and documents, conducting interviews, and convening a 2-day meeting with 15 experts from government, industry, and academia. These policy options are not recommendations. GAO presents them to help policymakers consider and choose options appropriate to the goals they hope to achieve. Policymakers may include legislative bodies, government agencies, standards-setting organizations, industry, and other groups.

Policymakers may be better positioned to take action on this complex issue if they consider interrelationships among these policy options. For example, implementing the fourth option (improving organization and leadership) may improve policymakers’ ability to implement the first and second options (building knowledge, developing technologies, and improving data sharing). Similarly, implementing the first option may help with the third option (establishing standards, regulations, and agreements). More generally, trade-offs between mitigations may emerge, the ongoing increase in new constellations may introduce unexpected changes, and a large and diverse set of interests from the global community may shift over time, all of which present persistent uncertainties. To address these complexities and uncertainties, the full report presents the policy options in a framework, which may help policymakers strategically choose options to both realize the benefits and mitigate the potential effects of large constellations of satellites.

Enabled by declines in the costs of satellites and rocket launches, commercial enterprises are deploying large constellations of satellites into low Earth orbit. Satellites provide important data and services, such as communications, internet access, Earth observation, and technologies like GPS that provide positioning, navigation, and timing. However, the launch, operation, and disposal of an increasing number of satellites could cause or increase several potential effects.

This report discusses (1) the potential environmental or other effects of large constellations of satellites; (2) the current or emerging technologies and approaches to evaluate or mitigate these effects, along with challenges to developing or implementing these technologies and approaches; and (3) policy options that might help address these challenges.

To conduct this technology assessment, GAO reviewed technical studies, agency documents, and other key reports; interviewed government officials, industry representatives, and researchers; and convened a 2-day meeting of 15 experts from government, industry, academia, and a federally funded research and development center. GAO is identifying policy options in this report.

Leave a comment ,

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Agency News, Cyber Security CII sector, Industry News, Power/Energy/Oil & Gas sector

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA), Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization, highlighting advanced persistent threat (APT) activity observed on a Defense Industrial Base (DIB) Sector organization’s enterprise network. ATP actors used the open-source toolkit, Impacket, to gain a foothold within the environment and data exfiltration tool, CovalentStealer, to steal the victim’s sensitive data.

Joint Cybersecurity Advisory AA22-277A provides the APT actors tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs). CISA, FBI, and NSA recommend DIB sector and other critical infrastructure organizations implement the mitigations in this CSA to ensure they are managing and reducing the impact of APT cyber threats to their networks.

Leave a comment ,

EPA’s proposed changes to chemical disaster prevention rule don’t do enough to keep communities safe

Industry News, Power/Energy/Oil & Gas sector

Coming Clean and the Environmental Justice Health Alliance for Chemical Policy Reform released a report that profiles three chemical incidents that occurred within two weeks this January, and recommends specific safety measures that the Environmental Protection Agency (EPA) should require in order to prevent future chemical disasters.

On August 31, 2022, the EPA published proposed revisions to the Risk Management Program (RMP), which regulates approximately 12,000 high-risk facilities in the U.S. that use or store certain highly hazardous chemicals. EPA was specifically directed by Congress to use this program to prevent disasters, yet more than 140 harmful chemical incidents occur on average every year.

Three such incidents in January, 2022 that are the focus of the report include: a fire at the Winston Weaver Fertilizer plant in North Carolina that caused 6,500 people to evacuate and nearly triggered a deadly ammonium nitrate explosion; an explosion at the Westlake Chemical South plant that caused 7,000 students to shelter in place in the Lake Charles area in Louisiana; and a massive fire that spread to the Qualco chemical plant in Passaic, New Jersey and came dangerously close to igniting an estimated 3 million pounds of hazardous chemicals.

Preventing Disaster offers actionable recommendations the EPA should include in its final rule that could prevent similar incidents from happening in the future, including:

- Requiring all RMP facilities to consider, document, and implement safer chemicals and technologies;
- Expanding the Risk Management Program to cover ammonium nitrate and other hazardous chemicals which remain excluded in the proposed rule;
- Requiring RMP facilities to not only consider the risks posed by natural hazards, as proposed in the draft rule, but to take meaningful steps to prepare for those risks, such as implementing backup power for chemical production and storage processes.

“Overall,” the report concludes, “EPA’s draft rule, rather than adopting common-sense prevention requirements, continues to rely on voluntary actions by high-risk facilities. This approach has failed to prevent many chemical disasters over the last 25 years. If the draft rule is not strengthened, facility workers and neighbors across the country will continue to bear the human, environmental, and financial costs of more preventable disasters.”

“The EPA still has time to get this rule right,” said Steve Taylor, Program Director for Coming Clean, who contributed to the report. “Communities at the fenceline of these hazardous facilities, and the workers inside them, are sick of industry stonewalling and EPA excuses. A stronger rule is needed to ensure that hazards are removed, or we will continue to see more chemical disasters.”

“We’re glad that EPA recognizes the need to reconsider the RMP rule; preventing disasters is a longstanding priority for EJHA. Unfortunately the draft rule is full of more voluntary measures, which decades of incidents have proven do not work.” said Michele Roberts, National Co-Coordinator of the Environmental Justice Health Alliance for Chemical Policy Reform. “We are depending on EPA to have the moral and political courage to keep the promises President Biden has made to our communities— that means a final rule that requires the transition to safer chemicals and processes wherever possible. Removing hazards before disasters can occur is the best way to protect workers and communities.”

View Repor at www.preventionweb.net/publication/preventing-disaster-three-chemical-incidents-within-two-weeks-show-urgent-need-stronger

Leave a comment , , , ,

Effective communication of disaster warnings saving lives in Fiji

Industry News, Telecomms sector

Communication is key – especially when you are in the business of saving lives.

During their Ignite session on the second day of the Asia-Pacific Ministerial Conference on Disaster Risk Reduction in Brisbane, Australia, the FMS presented on disaster risk communication and effective information sharing, in order to give people a better understanding of the importance of effective communication of warnings and understanding user needs.

FMS Medial Liaison Manager, Ms Ana Sovaraki, said the Fiji Meteorological Service, as well as being a Regional Meteorological Centres in the world, has always tried to ensure the effective and timely dissemination of warnings before and during disasters.

“Following the events of Severe Tropical Cyclone Winston in 2018, the Met Service realised, amongst other things, the need to improve and enhance communication and dissemination systems” she said.

It was then that the FMS decided to create a communications role within the department to develop communications strategies to ensure warning messages are reaching the users on time. They were the first Met Service in the region to do so.

The FMS has since worked on genuinely integrating communications into their forecasts and ensuring users of information understand the warnings which in turn helps communities prepare for natural disasters in Fiji.

One of the ways in which they have done this is through impact-based early warnings communicated effectively to prompt actions. The warning bulletins now include potential or expected impacts which they have found to be more relatable to people than just forecast warnings.

“For example, if there is a tropical cyclone and the forecast says to anticipate 50km/h winds, this information alone may not be understood by a layman,” Ms Sovaraki said.

“However, if we integrate the anticipated or possible impact by saying that this wind strength is capable of ripping off roofs and uprooting trees, it can be more relatable to people and they can then take action based on that information. Impact-based communications ensures that the information is understandable, relatable, and reaches the last mile.

Another key aspect of effectively communicating forecasts and warnings is to understand the needs of users and developing user-specific products and information to meet those needs.

“We can have the best warning and forecasts, and our Communications people can give us the best key messages but if does not meet the needs of the users, then those warnings and messages do not serve a purpose,” said Director of the Fiji Met Services, Mr Terry Atalifo.

“The Met Service is moving towards trying to understand the needs of people, how vulnerable they are to disasters, and the risks these people face during disasters. This will place us in a better position to ensure that the service they provide meets these needs and requirements.”

The FMS does this by continuing to engage with stakeholders, which is a key component of their work.

“We have meetings and national forums every year to make sure that we understand the needs of these stakeholders.”

Mr Atalifo thanked all their Pacific partners and those in Australia and New Zealand who provide the support to FMS to ensure that they are able to better understand the needs of people.

Leave a comment , , ,

A Resilient World? Understanding vulnerability in a changing climate

Industry News, Water sector

A recent report is the second report about the 2021 World Risk Poll findings and it shows how financial insecurity undermines resilience in the face of climate change-related disasters. Communities across the world are feeling the impact of natural and human-made hazards, whether that’s severe weather and its link with climate change, or the result of industrial, social, or environmental impacts. Revealing how people worldwide feel their country’s infrastructure and government can cope in the face of disasters, the report provides global insights into how prepared and resilient individuals believe their communities, countries, and institutions are in dealing with hazards. The findings can be used by governments, development agencies, businesses, and researchers to help them identify vulnerabilities and take action to make people safer.

Key findings of the report include:

- Over a third (34%) of people across the world said they could only cover their basic needs for less than a month if they lost all their income.
- People from lower income countries also have less confidence in their ability to protect themselves from a disaster.
- Results from the World Risk Poll global Resilience Index reveals which countries are most resilient to climate change-related and other disasters.
- 125,000 people in 121 countries were polled as part of the study.

Leave a comment ,

Building resilience in Palau through early warning systems

Health & Social Care, Industry News, Power/Energy/Oil & Gas sector, Water sector

The residents of Palau have benefitted from effective and low-cost, low-tech early warning systems, installed through the World Meteorological Organisation (WMO) Climate Risk and Early Warning Systems (CREWS) Pilot Project.

Palau initially received sirens which were installed as part of their early warning systems. However, the residents soon realised that these technologies also came with a myriad of challenges, including the sirens breaking down, difficulties in finding back ups or replacement parts, and the cost of maintenance.

These challenges were especially hard on the outlying islands, which did not have regular access to the necessary tools and resources needed to support and maintain the warning sirens.

The CREWS Pacific SIDS Pilot Project introduced the use of low-cost, low-tech early warning systems as a solution. These consisted mainly of bells that were strategically placed around the three initial areas of Ngaraard, Ngiwal and Kayangel.

The Palau National Weather Service took the lead in the implementation of the pilot project, in partnership with the National Emergency Management Office and the Palau Red Cross Society, which was already well established in the community through their Red Cross Disaster Action teams scattered throughout all 16 states of Palau.

Executive Director of the Palau Red Cross Society, Ms Maireng Sengebau, said they had to work with the community and build their capacity to understand what early warning systems are.

“We had to get them to accept these systems and show their support by providing us with a piece of land on which the bells would be installed,” she said.

Once the bells were installed, the Palau Meteorological Service, working in partnership with the Palau Red Cross Society, would meet with various communities and conduct table-top exercises and drills to familiarise them with the early warning systems and to demonstrate how and when they should be used.

"These activities empowered the people in communities. As a result of these meetings, they are now aware of what early warning systems are and why they are important, and also what to do when there is a disaster coming. They have now taken ownership the system and are the ones who operate it and they report to the state government if it needs maintenance.”

These simple early warning systems have contributed greatly to the resilience of the people of Palau.

“I joined the Palau Red Cross in 2017, and growing up, if there was a typhoon we would just buckle down in our houses and pray. Once the typhoon passes, we would wake up the next morning and just wait for government officials to come and bring help,” said Ms Sengebau.

“That is no longer the case. Now, before the typhoon even hits, families know when and how to act. If your house is not strong enough, they need to move to the evacuation shelter. If your house is strong, make sure that your family has a disaster kit.

“There are now things they can do to minimise the damage. Instead of waiting, we can now take action even before a disaster occurs. This is made possible through these early warning systems, and how they have empowered people in communities to act during natural disasters.”

Leave a comment , , ,

UNOCT launches five new thematic guides on Protecting Vulnerable Targets Against Terrorist Attacks

Agency News, Cyber Security CII sector, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector

The United Nations Office of Counter-Terrorism (UNOCT) hosted a high-level virtual event to launch five new specialized guides (modules) dedicated to the protection of particularly vulnerable targets against terrorist attacks, on 6 September 2022. “Vulnerable targets” refers to public places (e.g. tourist venues, urban centers, religious sites) or critical infrastructure (e.g. public transportation systems, energy sector) which are easily accessible and relatively unprotected, and therefore vulnerable to terrorist attacks.

The online launch event was opened by the Under-Secretary-General of the United Nations Office of Counter-Terrorism (UNOCT), Mr. Vladimir Voronkov, along with the Permanent Representative of Qatar to the United Nations, H.E. Ambassador Alya Ahmed Saif Al-Thani; Acting Executive Director of the United Nations Counter-Terrorism Committee Executive Directorate (CTED), Mr. Weixiong Chen; Director of the United Nations Interregional Crime and Justice Institute (UNICRI) Ms. Antonia Marie De Meo; and Chief of Cabinet of the Under-Secretary-General of the United Nations Alliance of Civilizations (UNAOC), Ms. Nihal Saad.

The participants included decision-makers, practitioners and experts on vulnerable targets protection from Member States, international and regional organizations, the private sector, civil society and academia, including members of the United Nations Global Expert Network to Protect Vulnerable Targets against Terrorist Attacks.

The high-level opening was streamed live via UN WebTV. It will be followed by an expert session, during which Member States will share experiences, good practices and tools related to the themes of the five modules:

1. The protection of “soft" targets;
2. The protection of touristic sites;
3. The protection of religious sites and places of worship;
4. The protection of urban centres; and
5. Threats posed by unmanned aircraft systems (UAS) to vulnerable targets.

The 5 modules are published in Arabic, English, French and Russian and are presented by the United Nations Global Programme on Countering Terrorist Threats Against Vulnerable Targets, which is led by UNOCT and jointly implemented with CTED, UNICRI and UNAOC.

The new guides present the knowledge and resources and lessons learned identified during the three Expert Group Meetings held by UNOCT with partners CTED, UNAOC and UNICRI in 2021. They also complement the 2018 United Nations Compendium of Good Practices on the Protection of Critical Infrastructure (CIP) against Terrorist AttacksPDF by focusing on public places/"soft" targets as distinct types of sites worthy of a dedicated security approach. The guides feature specific case studies, good practices and recommended tools from around the world to support both the public and private sectors to further strengthen the safety and security of their public places, keeping them open and accessible and promoting shared responsibility.

Leave a comment , , , ,
1 12 13 14 15 16 55