We are currently scheduling the “School Based Threat, Risk, and Vulnerability Assessment (SBTRVA) Training and Certification Course for 2014. The course is designed for school administration, faculty and staff, emergency responders from all response disciplines and community leadership.
The course is based upon best practice Threat, Risk, and Vulnerability concepts and is geared specifically for schools. For more information on hosting the SBTRVA, please contact us at: firstname.lastname@example.org or call us for more information.
Combat vehicles in east Ukraine city raise Russian flags
SLOVYANSK, Ukraine – A column of armored vehicles flying Russian flags drove into a Ukrainian city controlled by pro-Russia insurgents Wednesday, dampening the central government's hopes of re-establishing control over restive eastern Ukraine.
Still, it was far from clear just who these mostly masked men were and what their presence meant for eastern Ukraine, which has seen a surge of support for closer ties with Russia and against the new government in Kiev, which wants closer links to Europe.
Ukraine launches anti-terror operation against pro-Russian forces
Ukraine's acting president said Tuesday that a military operation to quash a pro-Russian insurgency has started in eastern Ukraine after more than a week of seizures of government building in the latest standoff to grip the country.
Oleksandr Turchynov said the “anti-terrorist” operation began in the early morning hours in the northern Donetsk region, where the majority of the pro-Russian forces are located, The Wall Street Journal reported.
May 13, 2014
1:30 PM - 4:30 PM
Workshops: May 12, 2014
Executive Director's Blog
NDPCI & NSA Partner for Homeland Protection Certifications
The Coalition in partnership with NSA is proud to announce the official rollout of two certification programs, the Certified Homeland Protection Professional (CHPP) and Certified Homeland Protection Associate (CHPA). Those who qualify for the certification, upon official notification of approval, may use the CHPP or CHPA designation (as applicable) following their name. The designations certify that individuals have demonstrated competency, knowledge, skills and abilities in the blended discipline of Homeland Protection, through a rigorous qualification and testing program. Visit our Website for full details
NDPCI YouTube Channel
Our Improvised Explosive Devices (IED), Package Inspection and Mailroom Procedures Course is now in the DHS, National Training and Education Division (NTED) State and Federal Sponsored Catalog.
The course number is NJ-016-PREV and is located on page 76 of the NTED Catalog. The course can now be paid for with HSGP funds.
Please contact us at email@example.com or call us for more information about scheduling the course.
Subject Matter Expert Highlight
J. Scott Quirarte is a Fire Captain with the Ventura County Fire Department in California. He has been with the department 24 years and was honored as the Firefighter of the Year 1992 and 2011, and Engine Company of the Year 2009 and 2011. Captain Quirarte is a CSTI/ProBoard certified Hazardous Materials Technician and is currently assigned to the Hazardous Materials Team. He has been a member of the Hazardous Materials Team since 1992, and the Hazardous Materials Captain since 2001. His duties include the management of all department hazardous materials training, budgets, research and development, and PPE program. Captain Quirarte has developed and led multiple programs since being assigned to the Hazardous Materials Team including the department air monitoring program, the county-wide radiological monitoring program and Cal-EMA Type 1 HazMat Team certification for the regional team. Captain Quirarte was also the program manager for the replacement of the current HazMat vehicle. This grant funded program was completed with the purchase and outfitting of a state of the art 44’ tractor trailer HazMat response vehicle. Captain Quirarte has responded as part of an Incident Management Team to numerous Type 1 and Type 2 incidents. Captain Quirarte holds the following ICS qualifications: Type 4 Incident Commander, Strike Team Leader Engine, Task Force Leader, Field Observer, Engine Boss, PIO 2 and Cal-EMA Hazardous Materials Group Supervisor and Assistant Safety Officer HazMat. Captain Quirarte is a state certified Fire Investigator. He spent four years assigned as an Arson Investigator where he conducted origin and cause investigations and testified as an expert witness in both criminal and civil cases.
Captain Quirarte is a certified instructor accredited by the California Specialized Training Institute and the Department of Homeland Security. Captain Quirarte is a California State Fire Instructor and a Homeland Security Exercise and Evaluation Program-HSEEP Master Exercise Practitioner (MEP). He has developed and delivered numerous training programs/exercises across the country to a wide array of audiences and disciplines including, Public Health, military, fire, law enforcement, FBI, NSA, ICE, emergency managers, hospitals, and the private sector.
Captain Quirarte’s course development includes his work as a subject matter expert and lead instructor for the National Domestic Preparedness Coalition where he assisted with development of their Department of Homeland Security Course “MGT-336 Operational Value of Threat, Risk, and Vulnerability Assessment”. He is also a subject matter expert and Instructor for the National Sheriff’s Association where he provided curriculum development on their Department of Homeland Security Course “ARW-198 First Responder”.
Captain Quirarte is a member of the FEMA Fire/Hazmat Working Group which is currently working on resource typing and responder credentialing. He is also a member of the FIRESCOPE Hazardous Materials Specialist Group. Current FIRESCOPE work includes the rewrite of the Field Operations Guide Hazardous Materials Section and the development of two new sections, one on terrorism and the other mass decon.
Email Hacked? 7 Things You Need to do NOW
It seems like not a day goes by where I don't get a question from someone that boils down to their email account having been hacked. Someone, somewhere has gained access to their account and has started using it to send spam. Sometimes passwords are changed, sometimes not. Sometimes traces are left, sometimes not. Sometimes everything in the account is erased, both contacts and saved email, and sometimes not. But the one thing that all of these events share is that suddenly several people, usually those on your contact list, start getting email from "you" that you didn't send at all. Your email account has been hacked. Here's what you need to do next.. 1. Recover Your Account
by Leo A. Notenboom, ©
It seems like not a day goes by where I don't get a question from someone that boils down to their email account having been hacked.
Someone, somewhere has gained access to their account and has started using it to send spam. Sometimes passwords are changed, sometimes not. Sometimes traces are left, sometimes not. Sometimes everything in the account is erased, both contacts and saved email, and sometimes not.
But the one thing that all of these events share is that suddenly several people, usually those on your contact list, start getting email from "you" that you didn't send at all.
Your email account has been hacked.
Here's what you need to do next..
1. Recover Your Account
Login to your email account via your provider's website.
If you can, consider yourself very lucky and proceed to step 2 right away.
If you can't login even though you know that you're using the correct password, then it's likely that the hacker has already changed your password.
Important: If you cannot recover access to your account, then it is now someone else's account. It is now thehacker's account. Unless you've backed up, everything in it is gone forever and you can skip the next two items. You'll need to set up a new account from scratch.
2. Change Your Password
One you regain access to your account, or if you never lost it, you shouldimmediately change your password.
As always, make sure that it's a good password: easy to remember, difficult to guess, and long. In fact, the longer the better, but make sure your new password is at least 10 characters or more and ideally 12 or more, if the service supports it.
But don't stop here. Changing your password is not enough.
3. Change Your Recovery Information
While the hacker had access to your account, they may elect to leave your password alone. That way, chances are you won't notice that the account has been hacked for a while longer.
But whether they changed your password or not, they may very well have gone in and changed the recovery information.
The reason is simple: when you finally do get around to changing your password, the hacker can follow the "I forgot my password" steps and reset the password out from underneath you using the recovery information that he collected or set.
Thus, you need to check all of it and change much of it ... and right away.
Change the answers to your secret questions. The answers that you choose don't have to match the questions (you might say your mother's maiden name is "Microsoft", for example). All that matters is that the answers that you give match the answers that you set here if you ever need to recover your account.
Check your alternate email address or addresses associated with your account and remove any that you don't recognize or are no longer accessible to you. The hacker could have added his own. Make sure that all alternate email addresses are accounts that belong to you and that you have access to.
Check any mobile or other phone numbers associated with the account. The hacker could have set their own. Remove any that you don't recognize and make sure that if a phone number is provided, it's yours and no one else's.
These are the major items, but some email services have additional information that they can use for account recovery. Take the time now to research what that information might be and if it's something that could have been altered while the hacker had access to your account.
Overlooking information that could be used for account recovery could allow the hacker to easily hack back in; make sure that you take the time to carefully check and reset as appropriate.
4. Check Related Accounts
This is perhaps the scariest and most time consuming.
Fortunately it's not common, but the risks are high so understanding this is important.
While the hacker has access to your account, they have access to your email, including both what is in your account now – past email – as well as what arrives in the future.
Let's say that the hacker sees that you have a notification email from your Facebook account. The hacker now knows that you have a Facebook account and what email address you use for it. The hacker can then go to Facebook, enter your email address, and then request a password reset.
A password reset that's sent to your email account ... that the hacker has access to.
As a result, the hacker can now hack your Facebook account by virtue of hacking your email account.
In fact, the hacker can now gain access to any account that has this hacked email associated with it.
Like, perhaps your bank. Or Paypal.
Let me say that again: because the hacker has access to your email account, he can request a password reset be sent to it from any other accountfor which you use this email address. In doing so, the hacker can hack and gain access to those accounts.
What you need to do: check your other accounts for password resets that you did not initiate and any other suspicious activity.
If there's any doubt, consider also proactively changing the passwords on those accounts as well. (There's a strong argument also for checking or changing the recovery information for these accounts just as you checked for your email account, for all the same reasons.)
5. Let Your Contacts Know
Some may disagree with me, but I recommend letting your contacts know that your account was hacked. Either from the account once you've recovered it or from your new email account.
In particular, inform all of the contacts in the address book that's kept with that account online. That's the address book that the hacker would have had access to.
I believe it's important to notify your contacts so that they know not to pay attention to email sent while the account was hacked. Occasionally, hackers will actually try to impersonate you to extort money from your contacts. The sooner that you let them know that the account was hacked, the sooner, they'll know any such request – or even the more traditional spam that might have come from your account – is bogus.
6. Start Backing Up
One of the common reactions to my recommending you let your contacts know is: "But my contacts are gone! The hacker erased them all and all of my email as well!"
Yes. That happens sometimes. It's often part of a hacker not wanting to leave a trail – they delete everything in the account: everything they've done along with everything you've done.
If you're like most people, you've not been backing up your online email. All I can suggest at this point is to see if your email service will restore it for you. In general, they will not. Because the deletion was not their doing, but rather the doing of someone logged into the account, they may simply claim it's your responsibility.
Hard as it is to hear, they're right.
Start backing up your email now. Start backing up your contacts now.
For email, that can be anything from setting up a PC to periodically download the email via POP3 or IMAP to setting up an automatic forward of all incoming email to a different email account, if your provider supports that. For contacts, it could be setting up a remote contact utility (relatively rare, I'm afraid) to also mirror your contacts on your PC or periodically exporting your contacts and downloading them that way.
7. Learn From The Experiene
Aside from "I should have been backing up," one of the most important lessons to learn from the experience is to consider all of the ways that your account could have been hacked, and then take appropriate steps to protect yourself from a repeat occurrence in the future.
Use long passwords that can't be guessed and don't share them withanyone.
Don't click on links in email that are not 100% certain of. Many phishing attempts lead you to to bogus sites that ask you to login and then steal your password when you try.
If you're using WiFi hotspots, learn to use them safely.
Keep the operating system and other software on your machine up-to-date and run up-to-date anti-malware tools.
Learn to use the internet safely.
Consider multi-factor authentication where simply knowing the password is not enough to gain access. Most services do not support this, but for those that do (Gmail, for example), it's worth considering.
If you are fortunate enough to be able to identify exactly how your password was compromised (it's not common), then absolutely take measures so that it never happens again.
8. If Your Not Sure Get Help
If the seven steps above seem too daunting or confusing, then definitely get help. Find someone who can help you get out of the situation by working through the steps above.
While you're at it, find someone who can help you set up a more secure system for your email and can advise you on the steps that you need to take to prevent this from happening again.
And then follow those steps.
The reality is that you and I are ultimately responsible for our own security. That means taking the time to learn and to set things up securely.
Yes, additional security can be seen as an inconvenience. In my opinion, dealing with a hacked email account is significantly more inconvenient and occasionally downright dangerous. It's worth the trouble to do things right.
If that's still too much ... well ... expect your account to get hacked again.
9. Share This Article
As I said, email account theft is rampant.
Share this article with friends and family – statistically, you or they will encounter someone who's account has been hacked and who will need this information.
Use the Share buttons below.
Share this short-URL: http://ask-leo.com/C5415 to go directly to this article online.
A stand-alone PDF of this article is available for offline viewing: right click hereand "Save Target As..." (or equivalent) to save a copy on your PC. Feel free to share this document with others. (Adobe Reader, FoxIt Reader, or equivalent PDF reading application required to view the document.)
Cyborg Insects Could Be First Responders in Rescue Situations
"Bugged bugs" can go where humans can't
By Sean Kane
We've seen insects with microchips attached used as zombie drones and weapon trackers, thanks to DARPA. But now a group at the University of Michigan has a plan to unleash cyborg insects equipped with sensors as first responders in dangerous environments.
The bugs carry small devices on their backs that harvest the energy of wing movements, and use it to power cameras, microphones, sensors and communication equipment.
"Through energy scavenging, we could potential power cameras, microphones and other sensors and communication equipment that an insect could carry aboard a tiny backpack," said Professor Khalil Najafi, chair of electrical and computer engineering at the University of Michigan. "We could send these 'bugged' bugs into dangerous or enclosed environments where we would not want humans to go."
CHPP / CHPA Workshop at GOVSEC 2014
Workshops: May 12, 2014
December 14th is Sandy Hook Remembrance Day