Discuss why cyber-security is critical to the future of Emergency Management? What challenges do you see in the Emergency Management field related to cyber-security.?

 

Emergency planners, first responders and relief workers increasingly rely on computational and communication systems that support all aspects of emergency management, from mitigation and preparedness to response and recovery. Failure of these systems, whether accidental or because of malicious action, can have severe implications for emergency management. Accidental failures have been extensively documented in the past and significant effort has been put into the development and introduction of more resilient technologies. At the same time researchers have been raising concerns about the potential of cyber attacks to cause physical disasters or to maximise the impact of one by intentionally impeding the work of the emergency services.

Future Internet sensor networks can contribute towards early detection of emergency events as well as improved situational awareness during a search and rescue operation, at the level of individual buildings or larger geographical areas. Autonomous systems and particularly autonomous vehicles are alsocommonly proposed in the EM context. Situational awareness and coordination may be improved withlive aerial imagery provided by unmanned aerial vehicles or with an ad hoc infrastructure of wirelessrobots that reach locations otherwise inaccessible to the ?rst responders. The Internet also plays asigni?cant role, with several web-based EM systems, as well as with the widespread use of social mediafor the dissemination of information during an emergency, both by the authorities and the public.This increased use of computational and communication systems introduces cyber threats in EM.Cyber attacks can directly cause physical damage or indirectly aggravate a physical incident by impedingthe work of ?rst responders. As EM makes use of several private and public communication systems,from satellite communications to wireless sensor networks, cellular networks and the Internet, a securitybreach in one communication medium can have an impact on all other ones. In fact, the prevalent use ofcyber-physical systems means that a cyber attack can even affect the operation of physical devices, suchas ?ood control equipment or safety sensors. At the same time, decisions during an emergency need tobe taken and communicated quickly. A cyber attack that would target the integrity of the informationcould have an immediate effect on the decision making that relies on that information, while a denial ofservice attack could cut off communication between commanders and ?rst responders.

EMDuring an emergency, human mistakes are naturally common. Time pressure and the lack offamiliarisation of EM practitioners with concepts of cyber security would make it relatively easy for cyber attackers to exploit human mistakes, possibly through social engineering. The insider threat orMan-at-the-end attack, as suggested in may also be signi?cant. For example, in 1992, a failure ofChevron's computerised emergency alert system delayed the authorities from notifying the public of a chemical release accident. The failure was caused by a disgruntled former employee who had disabledthe emergency alert function. While the human element is certainly critical in the EM context, ouremphasis here is on the vulnerabilities of the technologies involved.