Foreign Hackers Threaten Automated Weather Alerts

This story from the Washington Post talks about an incident in September in which NOAA systems were hacked, resulting in the agency shutting down its systems for a period while claiming  that it was “doing ‘unscheduled maintenance’ on its network, without saying a computer hack had made that necessary.”  Other stories suggest that the incident resulted in the temporary shutdown of data from NOAA and other sources.

Apparently NOAA did not disclose the hackers attack, as required by law.

This is scary stuff for at least two reasons we can think of:

1) Automated weather alerts depend on NOAA systems.  These are the systems that automatically feed IPAWS/WEA alerts as well as the automated weather alerts that come from Hyper-Reach and other systems.  So a loss of these systems at the wrong time could jeopardize lives and property;

2) If hackers were able to create false alerts, they might be able to disrupt a community for some nefarious end.  A tornado or other shelter-in-place alert could be sent to millions of people, for example, in order to clear the streets.

As more and more alerts are tied to automated systems, it becomes increasingly important that those systems are secure.

Best Practices in Wireless Emergency Alerts – II

In part two of our series summarizing “Best Practices in Wireless Emergency Alerts”, we’ll tackle the topic of how the audience for WEA’s is selected. Many times an emergency will not affect an entire county, so how does public safety decide who receives Wireless Emergency Alerts (WEA)?

Wireless Emergency Alert standards do not require the alerting authority to send out alerts to an area smaller than a county. Even though a citizen may live miles away from the emergency taking place, they could still get an alert. Some emergency alert vendors, including Hyper-Reach, provide map-based geo-targeting so that alerts can easily be sent only to cell towers  in the affected area. Counties that don’t use geo-targeting will send alerts to the entire county.

Even when the software provider can support map-based geo-targeting, the method that mobile telecom carriers use to select the towers can result in over-selecting the people getting the alert.  We’ll explain that more in a later post.

When people receive too many alerts that don’t pertain to them, they can become desensitized to them, a term called “alert fatigue”. This can be dangerous as they might ignore an important alert later on.

The Integrated Public Alert and Warning System (IPAWS) Open Platform for Emergency Networks (OPEN) creates an alert using a combination of phrases generated from the information put into the system by local alerting authorities. These messages cannot be modified. To try to avoid alert fatigue, some alerting authorities can change the WEA using a Commercial Mobile Alert Authority text (CMAMtext). In theory, state authorities have granted certain public safety officials the option of sending a CMAMtext, a customizable 90-character message.  In reality, according to a recent FEMA IPAWS webinar we attended, all alert authorities can send CMAMtext message.

In effect, a CMAMtext message can be thought of as free-form text.

While a standard IPAWS-OPEN alert may read:

FLOOD WARNING

Until 6:23 pm

Evacuate now

A CMAMtext message could be more specific:

FLOOD WARNING

Until 6:23 pm

Evacuate S Main St now

Although the entire county may receive the alert, it is clear that residents of South Main Street should respond.

Another example of a standard IPAWS-OPEN message is:

FIRE WARNING

In this area

Until 1:05 am

Evacuate now

A CMAMtext could read:

FIRE WARNING

in Zip 01375

Until 1:05 am

Evacuate now

CMAMtext can also be used to change the language of the alert, if a large percentage of the county is comprised of non-English speakers.

Emergency management agencies work hard to make sure their messages are clear, effective and relevant to the people who are receiving them. While geo-targeting is useful to avoid alert fatigue, using CMAMtext to be more specific is a good practice. We’d love to hear what you think.

Faith and Community Leaders called to prepare

Disasters can strike any small town or city without warning and often residents turn to their local leaders for assistance. Clergy and community leaders have and take a considerable amount of responsibility for their congregations and folks they represent. It is expected that these leaders respond quickly and be ready to open the doors when a tornado devastates a neighborhood or an entire community is flooded.

If these are the expectations for leaders to respond to disaster, isn’t it equally as important to engage and prepare everyone beforehand? Organizations and churches have connections to large groups of people living in certain communities. If emergency preparedness leaders are looking to create an effective campaign to inform the public, it makes sense to encourage these people to participate.

Local clergy and religious leaders have the opportunity to reach out to their members through bulletins or events to encourage preparation. As faith leaders, they are trusted and have the possibility for high numbers of registrations for local emergency notifications. It is important for them to educate and understand the risks facing their communities and share those with their congregations. There are many resources that can be used and be a guide for preparedness. Faith leaders can create and opt-out or opt-in system for their congregations, however, opt-out may be more effective, as it would have higher enrollment numbers. Events can be planned to inform and notify the community of the proposed enrollment campaign like Crenshaw Christian Church in Los Angeles which held its 2nd Annual Preparedness Sunday last month or the many other events organized around the country!

This active role of community and faith leaders can save lives and participation should be inspired by their commitment to serving others.

Honoring America’s Veterans

Today is Veterans Day and since many folks in the emergency management and public safety fields, it seems like it’s a good opportunity to say “thanks” to our veterans.

Veterans Day started out as “Armistice Day” to celebrate the end of World War I, which formally ended on the 11th hour of the 11th day of the 11th month in 1918.  It was originally intended to honor the veterans of that great war.  The date was declared Veterans Day by President Eisenhower in 1954, although Birmingham, AL claims to have started the movement to rename it “Veterans Day” in 1947 and Raymond Weeks of Birmingham was recognized by President Reagan as the driving force for both renaming it and changing it to honor all veterans.

Here are some of the ways you can thank a vet today.  And if you’re a fan of StoryCorps, this special is worth a listen.

We appreciate our veterans and the sacrifices they’ve made and we add our thanks to the chorus of voices that are singing the praises of all the men and women who have served our country so well.

 

 

 

 

How Dallas Used Their Emergency Alert System During Ebola Crisis

This story from Urgent Communications profiles how Dallas used their Mass Emergency Notification System (MENS) to help in their education efforts during the time that Thomas Eric Duncan and two nurses were diagnosed with the Ebola virus.

What the article makes clear is that the longest time spent in sending the messages was in deciding what to send – both in the way of content and also in terms of the frequency of messaging.

Like Hyper-Reach, the Dallas system uses landline phone numbers from the 911 database, combined with self-registration data to capture cellphones and email addresses.  Numbers to be called can be selected by geography (our system uses Google Maps, which we consider to be a big benefit, since it’s so familiar and easy to use.)

We’ve talked to public health workers about the use of emergency alert systems like Hyper-Reach for alerts about disease outbreaks and other public health risks and they agree these systems can be useful.  We also think it’s important to consider the use of IPAWS and WEA messages when there’s a real crisis.  WEA messages don’t depend on registration, so they reach every WEA-equipped cellphone (which is most of them) within a selected geography.

So we’re encouraging our clients – and all public safety folks – to think about how they would use Hyper-Reach or systems like it in a public health emergency like a disease outbreak.  And let us know if we can help.

Drones for Emergency Alerts?

This story is about the use of drones for emergency response, but we think there are some fascinating applications for emergency alerts.

Drones offer some really interesting capabilities for helping to alert the public:

  1. Mobile sirens.  Today, various communities spend tens of thousands of dollars on fixed sirens that have limited coverage.  A single siren on a drone could cover many square miles in just a few minutes;
  2. Mobile PA.  Instead of sirens, a drone equipped with speakers could broadcast a voice message in a small area, delivering very specific information about, for example, a downed power line;
  3. Mobile reconnaissance.  Many times, emergency alerts over-select the population that needs to be alerted.  A drone equipped with camera and other sensing equipment might be able to report the specific area affected by an emergency.

Crazy?  Perhaps.  But consider how inexpensive drones are in the story that inspired us.  These were developed to carry a defribillator to help revive heart attack victims.  And they’re cheap:

Momont proposes expanding the existing emergency medical infrastructure with a network of fast and compact drones that have communication capabilities and can carry medical auxiliary equipment. “The costs should not be an issue; I have calculated these at approximately €15,000 per drone, which is clearly a reasonable amount if you consider the number of lives that could be saved.”

It’s easy to get nervous about devices running around blaring alarms, but in a world where packages may be delivered by drone, it’s time to think about how else drones can help.

Emergency Alerts for Political Purposes – Not Cool

Mass emergency notification services like Hyper-Reach are used for letting the public know of emergency situations that can threaten life, health or property.  And that’s a good thing.

But this morning our news searches uncovered a story that suggests a sheriff in California was using its community alert service for political purposes.  The story talks about the high number of alerts sent before a primary election and how those alerts decreased significantly after the primary, in which the incumbent sheriff lost.  According to the story, the alerts seem to have been designed to show the incumbent’s activity level in fighting crime.

This isn’t the first time we’ve heard about alert services misused for political purposes.  We saw a story two years ago about an alert urging voters to get to the polls.  That story suggested that the alert was targeted to areas with high levels of the incumbent’s supporters.

Since it’s the day after election day, it seems like a good time to comment on this kind of activity.  To say that it’s inappropriate is belaboring the obvious. And in an environment where it’s important to get the public signed up for emergency alerts, this kind of thing can only be hurtful.

If you’re in charge of your community’s alert system, we suggest you create a code of conduct to make sure that the alerts you – or your successors – send out are appropriate and justify a citizen’s willingness to sign up for your alert service.

Alert – It’s time to vote

Americans have a funny attitude about elections.  We claim the status of a democracy, but too many of us fail to exercise our right to vote.

And among those who are consistent voters, too many of us are perfectly willing to go along with attempts to suppress the votes of the folks we disagree with or inflate the votes of those we agree with.  That’s not a commentary about one party or the other.  Dirty tricks, fraud, gerrymandering and voter suppression have been used by Democrats, Republicans, Whigs, Federalists and Democratic-Republicans all the way back to the early days of our republic.

But as flawed as our system is, we agree with Winston Churchill, who famously observed that democracy was the worst political system, except for all the others.

And as flawed as our system is, it’s gotten us pretty far.  The USA is still the leading beacon of light in a world that keeps – however slowly and painfully – getting better, safer, wealthier and more free.

So get out there and vote, if you haven’t already.  It’s your right and your responsibility.  And it’s the only way to keep our system as good as it can be.

 

“Do 1 Thing” Says It’s Emergency Supply Month

If you don’t know “Do 1 Thing“, you should.  This is a program that’s based on the idea that if you do one thing each month for emergency preparedness, you’ll be 12 times better prepared than if you do nothing at all.

The idea (we assume) is that it’s easier to eat an elephant one bite at a time than to sit down and eat the whole thing at once.

Their “one thing” for November is Emergency Supplies.  These include batteries, flashlight, cash and medicines, but there are many others. Go visit their site for more details.

Here’s a thing you should also do – sign up for your local emergency alert system.  If you don’t know where to go, just click on USNEAR.org and sign up there so you’ll be registered anywhere in the US with emergency alert service.

Internet Alerts – the Next Big Thing?

Many thanks to Rick Wimberly for cluing us into the Federation for Internet Alerts (see this story) and now telling us that the Weather Channel may do a related kind of thing (although theirs will also include a message authoring capability, it seems).

And Google offers something similar, which they call Google Public Alerts.

A quick search suggests that the average American spends between 1 – 3 hours per day on the Internet via PC or phone, so getting to people via the Internet adds an important new channel.  And because Internet alerts can include hyperlinks, they can provide much more information than a 90-character WEA (Wireless Emergency Alert) or even an EAS broadcast, which is typically just text scrolling on the bottom of the TV screen.  (See this for an example of the kind of information available for an Amber Alert.)

The folks at the Federation for Internet Alerts (FIA) told us that they were the #1 source of tips generated on Amber Alerts last year.  That’s pretty impressive and shows the potential here.

If you’re a Hyper-Reach client, know that we’ve already approached the FIA and Google about letting us integrate so that you can send your emergency alerts to these networks using Hyper-Reach.  It may take a while to get there (FIA told us they have issues they need to resolve first, for example.)  And we’ve started a discussion with the Weather Channel as well. Since we’re already compatible with CAP (Common Alerting Protocol), we’ve got the technology down.  There are still many issues to work out, but we see some great opportunities to enhance emergency alerts coming up.