ALLHAZARDS.NET

The AllHazards Blog

The AllHazards Blog has been posting thought provoking articles about situational awareness, breaking events, technology and social media in emergency management and response, and emergency preparedness since 2010. It recently moved to this website - you can also access archived posts on the old AllHazards Blog Website.
<< First  < Prev   1   2   3   4   5   Next >  Last >> 
  • 24/08/2017 9:22 AM | AllHazards (Administrator)

    Hurricane Harvey is on track to have a possibly significant impact on Texas and the Gulf Coast, including winds around 135MPH and devastating floods and storm surge. Below are some links to resources that can be used to track this developing situation. For advance discussion of hurricanes and other hazards, we recommend that you subscribe to the weekly Critical Threat Outlook. You can also access the free AllHazards Dashboard for general current information on threats to the United States. We will try to keep this post updated as the situation develops, including to specific local resources for this storm.

    General Hurricane Resources

    Specific for Hurricane Harvey

  • 10/08/2017 3:07 PM | AllHazards (Administrator)

    We have renamed the Threat Analysis Briefing the Critical Threat Outlook (CTO). We are making this change based on feedback from subscribers, and to emphasize better the evolving nature of the product to provide a forward-looking outlook of critical threats expected in the coming week. The change will be made for the August 14th briefing. We are also planning new content for the outlook which will be rolled out over the next few months, as well as some great new products. We hope you will continue to enjoy and value the CTO under its new name!

  • 02/08/2017 9:57 AM | AllHazards (Administrator)

    The annual back-to-back security and hacking conferences, Black Hat and Defcon just ended in Las Vegas. These conferences are full of presentations and briefings on deep research in cybersecurity and privacy, and the findings presented often make the headlines. It's well worth browsing their websites, where many research papers and summaries are presented. Here are some of the most interesting findings from this year's conferences.

    • Voter machine hacking. Defcon hosted a "voter machine hacking village" for the first time, in which hackers were invited to try to break into real voting machines. Within a couple of hours, hackers were able to break security systems, mostly by gaining physical access to ports, and finding default administrative passwords and WiFi vulnerabilities. For more, see Graham Cluley's blog post.
    • Spyware on Blu phones. Researchers at Black Hat claimed that Android phones being sold on Amazon, including those from the popular Blu, contained spyware in a firmware update utility that sends personal data back to servers in China, including IMSI and IMEI numbers, GPS logs, contacts and the content of SMS messages. In response, Amazon decided to stop the sale of the affected phones, although Blu disputed the claim. For more, see this ThreatPost article.
    • Browser data can be easily de-anonymized. Researchers from Germany showed how "anonymized" browsing data available for sale can be readily de-anonymized in a presentation at DefCon. A judge’s porn preferences and the medication used by a German MP were among the personal data uncovered. For more, see this Guardian article.
    • Power grid vulnerabilities. The vulnerabilities of power grids worldwide were highlighted in a BlackHat presentation that analyzed the malware and cyberattack strategies that brought down the Ukraine power grid in December 2016. For more, see details of the presentation on the Black Hat site.
    • Radiation monitoring vulnerabilities. Multiple vulnerabilities were found in devices widely used to monitor radiation levels and nuclear sites and elsewhere. For more details including a detailed PDF report, see the Black Hat site.

    Again, more details on these and other presentations can be found on the  Black Hat and Defcon sites. 

  • 14/07/2017 8:29 PM | AllHazards (Administrator)


    Do you know where your nearest PEP radio station is? PEP (Primary Entry Point) radio stations are battle-hardened commercial radio stations, usually in the medium wave (AM) band, that serve as initial entry points for national Emergency Alert System traffic. They must have a backup generator for 30 days on the air, along with various other stringent requirements, so in a widespread disaster situation they could be vital information sources if local infrastructure is down. PEPs are not well known though - to the extent that there are very few places you can find a list of them. We have created the map shown above (also available as a PDF) to show the locations of the 33 known PEP stations. According to FEMA, new PEP stations are being added, and the map will be updated when new data is available. The map also shows NOAA all hazards radio frequencies for convenience.

  • 04/07/2017 1:14 PM | AllHazards (Administrator)

    Privacy isn't something most people think about too much. You've probably happily given out your name, address, phone numbers, email addresses and other information, and freely enjoy sharing photos and opinions with friends on social media. However, deep learning algorithms and cloud platforms are enabling a new era, where machines can get unprecedented insights into our everyday lives by mining millions of data points about us. Some of this can be for good, but it can also work against us - for instance when your health insurance doubles in price because the insurance company's algorithms predict that your health is going to go downhill soon, maybe based on your grocery shopping habits, cellphone trail and hypochondriatic web searches of late; or when your credit card information gets leaked in the latest hack. It's thus now an important life skill to understand the choices we have as individuals about what we do and do not share with the rest of the world, and what access we give to sensitive information such as our credit card numbers.

    The Complete Privacy & Security Desk Reference Volume I: Digital is by far the most comprehensive guide to understanding the privacy and security choices we make in the digital world, and to how to take some control back about what gets shared about us. The book covers a multitude of techniques from the basic that we should all do, such as setting the privacy settings of browsers and using VPNs - to highly advanced methods such as masking credit card numbers, setting up aliases and keeping your home address information completely private, that are probably only going to be realistic if you are a public figure or you are unfortunate enough to be threatened by someone. The chapters are helpfully organized into "basic", "intermediate", "advanced" and "expert". Several chapters lead you through a process to find out exactly what information about you is publicly accessible on the internet, and how to have some of it removed if you wish to.

    The book goes into a lot of detail about each of the topics it covers - for instance which browser you should use (Firefox), and exactly what settings to choose to prevent third party cookies tracking you. What is for sure - and the book is clear about this - is that there is a trade-off between security, privacy and convenience. If I have any criticism of this book, it would be that once you get started implementing its suggestions it is not clear where to stop, since everything is connected to everything else. Unless you want to live like a secret agent in a foreign country, you're going to have to draw the line somewhere. But whatever your response, you will learn a lot about what digital trail you are leaving, and what choices you have to do something about it.

    The book was first released just over a year ago, and already some of the information is a little out of date, but most is still current. To get the latest, up to the minute advice, follow the authors' Complete Privacy and Security Podcast. Overall I would highly recommend the book, as it shows that you have much more control about your digital data than you probably realize, and it gives you tools to help you find the right place for you on the privacy-convenience continuum.

  • 11/06/2017 8:39 PM | AllHazards (Administrator)

    If you have an interest in astronomy, or follow those "end of the world" blogs, you've probably heard about solar flares, and the potential impact of extreme events on the earth. Solar flares are associated with sunspots, are a regular feature of the Sun, and are normally not something to be worried about. However, due to solar cycles, about every 11 years or so there is a period of increased sunspot activity which can result in flares which actually have an impact on the earth. Recently we have heard stories of potential doom, including worldwide power outages and GPS satellites being knocked out. The next solar maximum will be about 2025. Should we be worried?

    Well, yes and no. Most of the concern revolves around the potential for a very strong solar flare which could potentially overload transformers and cause widespread, and possibly permanent power outages. This is a real threat, and was described recently in a National Academy Of Sciences report. In particular, a repeat of a very large flare which occurred in 1859 (known as the Carrington Event) could, according to the report, cause an electromagnetic overload of power grids, cause transformers to explode, with damage that might not be repairable for 5-10 years. Now, the Carrington Event appears to be quite unusual, and most solar events are much less spectacular. But it should be on our preparation radar. Smaller scale events can still cause regional outages (such as in 1989, when a solar flare resulted in a widespread outage in Quebec, lasting 12 hours and affecting 5 million people)

    Fortunately, we have some wonderful resources available, especially from the NOAA Space Weather Prediction Center which, like its terrestrial counterpart, offers warnings of activity that could cause problems. However, to be able to use these warnings and resources, we need a quick lesson in solar flares. Here is the super-quick version: for a more detailed account see the SWPC FAQ. Basically, sunspots can result in solar flares which are intense bursts of electromagnetic radiation. These only really affect the earth if the sunspot is pointing right in our direction. The most immediate impact of these earthbound flares is a very quick increase in X-ray flux. You can see  X-ray flux values in this plot from the NOAA GOES satellite (live version available on the SWPC site):


    See the letters on the right (A, B, C, M, X)? That represents the intensity of the flare. The really interesting ones are "X" class flares, and we get a few of these each solar cycle. Very quickly after the flare an X-class (and sometimes an M class) can cause shortwave radio outages on the sun-facing side of the earth. These rays reach the earth very quickly. The possible impacts on radio are given by the R scale on the NOAA Space Weather Scale.

    A solar flare can also produce a Coronal Mass Ejection (CME). This is a cloud of geomagnetically charged particles which reaches earth usually a couple of days after a flare. This is the one which can cause power outages. It is measured using Planetary K-index (Kp) values - you can see Kp values in the plot below (also taken from the NOAA site):


    Anything over "4" is classed as a storm, although it's really 8's and 9's which spell trouble. Again for a mapping to real effects, see the G-scale on the NOAA Space Weather Scale.

    So that's the quick intro to get you started! For more information, as well as the NOAA site, I recommend SolarHam.com (check out the forums) and SpaceWeather.com. You can track current solar events in the AllHazards Dashboard and we give weekly updates on solar weather in the Threat Analysis Briefing.

    Adapted from an article originally published in allhazards.blogspot.com


  • 11/06/2017 8:27 PM | AllHazards (Administrator)

    Some of you might be familiar with the AllHazards Blog where we have been posting for many years about breaking events, informatics in disasters and emergency response; and new perspectives on preparing for small and big emergencies and disaster. We will be migrating the blog to this site, so that everything is in one place. We will start by re-posting some of the most popular entries from the AllHazards Blog.

  • 21/05/2017 3:46 PM | AllHazards (Administrator)

  • 14/05/2017 11:01 AM | AllHazards (Administrator)

    We will no longer post the regular TAB release as an "update" since these are routine.

  • 07/05/2017 3:44 PM | AllHazards (Administrator)

    The May 8th threat analysis briefing is now available in the Member's Area of the site.

<< First  < Prev   1   2   3   4   5   Next >  Last >> 
Powered by Wild Apricot. Try our all-in-one platform for easy membership management