Marine Safety & Emergency Management

For those who have interest in the Emergency Management (EM) field TRACEN Yorktown is offering Incident Command System (ICS) courses to train and assist qualifying people for the different positions that are part of the Incident Command Post (ICP). The ICP is set up to operate as an incident headquarters during an emergency or a national security event. All courses are taught by Yorktown instructors, are virtual (viewed in the comfort of your own home) and are for free. The only investment is your time. For further information, please contact John Milkiewicz for further details.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their September 2022 Newsletter. You can scroll through it below.

Included with this month's newsletter:

• FY 2022 Preparedness Grant Program: Final Allocation Announcement, Bulletin No. 476

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their July 2022 Newsletter. You can scroll through it below.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their May 2022 Newsletter. You can scroll through it below.

Included with this month's newsletter:

• Navigation and Vessel Inspection Circular(NVIC) Frequently Asked Questions

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their April 2022 Newsletter. You can scroll through it below.

For anyone who has an interest in dealing with drones: In the newsletter, there is a drone working group.

For Marine Safety & Security:

Drone Assessment and Response Tactics (DART): Course is being offered through New Mexico Tech to help front-line first responders and emergency management personnel to detect, identify, track, assess, mitigate and respond to commercial and hobbyist unmanned aircraft operations. This course will provide first responders with mitigation and response techniques to use if they determine that an unmanned aircraft is operating in an unsafe or illegal fashion. The DART course also alerts the participants to the possible terrorist use of unmanned aircraft and enables them to understand the dangers represented by terrorist use of unmanned aircraft.

Marina Outreach Initiative: When visiting marinas for VSCs, please keep the below information in mind when meeting Marina Owners and Operators:

Marina Owners and Operators would be a tremendous addition to the Area Maritime Security Committee. They are the eyes and ears of the maritime community for seasonal & full time pleasure craft, passenger vessels & water taxi routes. Safety & Security are beneficial to these owners & operators. Many Law Enforcement and FD/EMS marine units frequent marinas throughout Maryland & NCR. In the course of your duties please feel free to promote the Area Maritime Security Committee.

Cyber:

The U.S. Coast Guard and the Cybersecurity and Infrastructure Security Agency at the U.S. Department of Homeland Security (DHS), in partnership with Denmark and the Netherlands, requests your presence at the Global Marine Transportation System (MTS) Cybersecurity Symposium hosted by the United States on 10-12 May 2022 in the Port of Long Beach in Los Angeles, California, USA.

CISA’s “Shields Up” website remains the primary location for information and recommendations for adapting a heightened cybersecurity posture, and we highly encourage all MTS stakeholders to visit the site regularly for updates and reminders. MTS stakeholders can also receive CISA’s subscription service for timely updates/bulletins. The Coast Guard continues to monitor guidance and products from CISA and partner agencies and will distribute these materials to stakeholders, along with maritime-specific context, as appropriate.

Government Emergency Telecommunications Service (GETS) - GETS provides subscribers with priority access and prioritized processing in the local and long-distance segments of landline telephone networks. - Subscribers are issued a Personal Identification Number (PIN) that assigns priority status to calls in service provider networks when used. - Physical GETS cards and usage guides are issued to all subscribers for easy reference. - Does not require additional hardware. - Free: There is no charge to GETS subscribers for enrollment or use.

Wireless Priority Service (WPS) - WPS provides authorized devices with priority calling on all nationwide and several regional cellular networks. - Interoperable: WPS connects calls across all major service carrier cellular networks and some regional carrier networks. - Free: There is no charge to WPS subscribers for enrollment or use. - Resilient: Can be used with GETS to maximize call completion. To register for Government Emergency Telecom Service (GETS) & Wireless Priority Service (WPS): Please go to www.cisa.gov/requesting-gets-and-wps.

Included with this month's newsletter:

• MSIB 02-22 Cybersecurity Awareness and Action
• The Global Marine Transportation System Cybersecurity Symposium is being hosted on May 10-12th as a virtual and in-person event. Registration information, and an email to direct questions to the Coast Guard MTS Cybersecurity Planning team, are available in the flyer.

The Area Maritime Security Maryland General Committee Meeting will be held April 7^th. See the attached flyer below.

The MD-NCR AMSC is composed of government agencies, commercial industries, and individuals interested in preserving and enhancing the security of our shared waterfront infrastructure and the Marine Transportation System (MTS) of the COTP Zone. The AMSC was created to build an awareness of our maritime activities, identify risks, enhance security activities, improve communications, and coordinate a rapid response to increased security threat levels. The Committee shall create, maintain, and exercise an AMS Plan (AMSP) for the region, aimed at minimizing risk during normal operations and at times of heightened threats. The AMSP will outline activities to be conducted by MTS stakeholders and government agencies to ensure proper precautions are taken to ensure the continued safety and security of our region’s infrastructure and MTS.

The USCG Office of Emergency Management and Disaster Response (CG-OEM) has released their February 2022 Update. You can scroll through it below.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their March 2022 Newsletter. You can scroll through it below.

This month’s newsletter provides possible cybersecurity measures for MARSEC levels. The newsletter also provides information on an upcoming Drone Assessment and Response Tactics (DART) training that is being offered through New Mexico Tech.

Included with this month's newsletter:

• MTS-ISAC Guide: Possible Cybersecurity Measures for MARSEC Levels.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their January 2022 Newsletter. You can scroll through it below.

(Note, AMSC did not release a newsletter for January)

Also, sector wants to ensure that all who need it make sure to request or reset their USCG HOMEPORT webpage. Sector is planning to run a drill in the next few months to see who can log into the page.

Included with this month's newsletter:

• AMSC PSCG Pamphlet: Information on the upcoming Port Security Grant Program presentation and Q&A with FEMA Grant Officer Omid Amiri.
• CISA Insights Cybersecurity: Information about steps that organizations of any sector and size should take NOW in order to implement cybersecurity measures that protect against critical threats.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their December 2021 Newsletter. You can scroll through it below.

Included with this month's newsletter:

• White House Holiday Letter: Holiday Cybersecurity message to corporate executives and business leaders.
• Maritime Cyber Alert 04-21: Actively Exploited Critical vulnerability in Apache Log4j, rated 10 out of 10 on the Common Vulnerability Scoring System (CVSS) by the National Institute of Standards and Technology.
• FLASH-CU-000156: Indicators of compromise associated with Cuba Ransomware.
• AMSC 2022 proposed schedule: Upcoming AMSC Functions & Events scheduled in the near future 2022.

The 3rd annual D.C. Interoperability Summit marked the 20th anniversary of the September 11, 2001, attack on America. The Summit highlighted interoperability and emergency communications successes and challenges through real-world accounts from responders who were on the scene of the attacks at the World Trade Center and Pentagon. The Summit also touched on the heroic efforts by the passengers and crew of Flight 93, the creation of the memorial in Shanksville, Pennsylvania, and the challenges faced in the hunt for and capture of Osama Bin Laden. Check out the two links below for more detail:

• Running into Danger: Commentary on the DC 2021 Interoperability Summit
• DC 2021 Interoperability Summit After Action Report

You can also view video of the entire summit on You Tube:

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their November 2021 Newsletter. You can scroll through it below.

One of the included flyers provides information about an upcoming webinar that provides background and lessons learned from the cyber breach at the Port of Houston that occurred this past year. The webinar is scheduled for December 6th and registration is required.

The newsletter also reports that the Interagency Underwater Port Assessment: Team will be conducting an assessment of the floor of the NCR harbor area during the first week of December.

The bulletins along with this month's newsletter are all designated TLP-GREEN, and are therefore restricted to the members of the Maritime Transportation System and related security partners:

Please login to view the attachments.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their October 2021 Newsletter. You can scroll through it below.

Included with this month's newsletter are two attachments related to drones and cybersecurity:

• DHS CISA provided guidance for Responding to Drone Calls for Emergency Communications Centers.
• The MTS Information Sharing and Analysis Center (ISAC) is hosting a Webinar –
  “Discussion on Recent Maritime Cybersecurity Publications” on Wednesday October 20, 2021 @ 1300. Registration is required.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their September 2021 Newsletter. You can scroll through it below.

One note of interest is the three-day District of Columbia 2021 Interoperability Summit

Also, the newsletter has a number of events of note listed in its content including:

• September 13^th: Virtual Critical Asset Tour of Curtis Bay / Creek
• September 14^th: Virtual Critical Asset Tour of Anacostia & Potomac rivers.
• September 16^th: Maritime Tactical Operators Group meeting.
• September 30^th: LE and Passenger Vessel familiarization training
• September 30^th: DC Interoperability Summit (Virtual & In Person)
• October 5^th: AMSC Intel Subcommittee meeting
• October 13^th: AMSC National Capital Region virtual meeting.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their August 2021 Newsletter. You can scroll through it below. One note of interest is the Coast Guard Safety Advisory informing high tension wire construction over the Patapsco River in Baltimore, MD that will require periodic partial or full river closure during this construction period. It should also be noted that this month's AMSC meeting is cancelled due to the pandemic.

• FY21 FEMA PSGP Award Allocations: FEMA released the PSGP FY21 award winners. Congratulations to Amports Inc, Maryland Port Administration, Maryland State Police, and Maryland Transportation Authority Police. There will be more discussion on this topic at upcoming AMSC meetings as we prepare for the FY22 PSGP cycle.
  
  
• MSIB 08-21 COTP Safety Zone: Safety Zone for Patapsco River, Baltimore, MD for BGE Overhead Transmission Lines Installation Activities.
  
  
• Joint CSA Top Routinely Exploited Vulnerabilities: The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) released this Joint Cybersecurity Advisory.
  
  
• U.S. Wind Mariners Briefing: U.S. Wind signed a long-term lease for 90 waterfront acres at Tradepoint Atlantic, a 3,300-acre logistics center in Baltimore County (SE of the Key Bridge), where it plans to assemble turbine components and start a company called Sparrows Point Steel. The steel factory will make the towers that anchor wind turbines to the ocean floor. Sparrows Point was once the site of the largest steel mill in the world and a major player in shipbuilding and steel production, including for the girders of the Golden Gate Bridge, before it closed in 2012.
  
  

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their July 2021 Newsletter. You can scroll through it below.

The bulletins along with this month's newsletter are all designated TLP-GREEN, and are therefore restricted to the members of the Maritime Transportation System and related security partners:

Please login to view the attachments.

Sector Maryland-National Capital Region has released MSSB 05-21 for the Security and Safety Zone for the Washington, D.C. July 4th Celebration. You can scroll through it below.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their June 2021 Newsletter. You can scroll through it below.

Covered in this newsletter is info on a ransomware attack on a MTS stakeholder, and an info sheet on how to protect your IT systems against ransomware. Also, Sector Intel is visiting marinas around the WDC area to see if any activity is being planned for the July 4th holiday. Other items included:

• A CISA Fact Sheet: Ransomware attacks targeting critical infrastructure have demonstrated the rising threat of ransomware to operational technology assets and control systems. All organizations are at risk of being targeted by ransomware and have an urgent responsibility to protect against ransomware threats. Critical infrastructure asset owners and operators should adopt a heightened state of awareness and voluntarily implement the recommendations listed in this document.
  
• CISA Training, Bombing Prevention Awareness: June 29^th
  
• CISA Training, IED Search Procedures: June 30^th
  
• CISA Training, VBIED Detection Training: July 1^st
  

The following bulletin is designated TLP-GREEN, and is therefore restricted to the members of the Maritime Transportation System and related security partners:

Please login to view the attachments.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their May 2021 Newsletter. You can scroll through it below.

Of particular interest to those performing patrols and other operational and public facing activities is the information about the First Amendment Audits group, a social movement made up of individuals interested in making videos of their encounters with public officials. Please see the first paragraph of page two in the newsletter.

Included with the newsletter are a number of Cybersecurity bulletins, including best practices for preventing disruptions from ransomware attacks, an advisory regarding Avaddon Ransomware, and MTS Phishing Email Likely Associated with Russian Espionage Group:

• A Joint Cybersecurity Advisory: DarkSide Ransomware - Best Practices for Preventing Business Disruption from Ransomware Attacks
  

The following bulletins are designated TLP-GREEN, and are therefore restricted to the members of the Maritime Transportation System and related security partners:

Please login to view the attachments.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their April 2021 Newsletter. You can scroll through it below.

Included with the newsletter:

• An Unmanned Aircraft Systems (UAS) Guide: Understanding UAS operations and regulations assists in protecting and securing the Maritime Transportation System against unsafe and unlawful drone operators.
  

Also included are MTS - ISAC Cybersecurity updates that are designated TLP-GREEN, and are therefore restricted to the members of the Maritime Transportation System and related security partners:

Please login to view the attachments.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their March 2021 Newsletter. You can scroll through it below.

FEMA released the Notice of Funding Opportunity (NOFO) for the FY-2021 PSGP. FEMA also released a 2021 Investment Justification form. FEMA also offers several technical assistance conference calls throughout the next few weeks. See attached:

• Notice of Funding Opportunity (NOFO)
  
• Technical Assistance Outreach Series Information and Invitation
  
• IJ Template spreadsheet
  

The following attachments are designated TLP-GREEN, and are therefore restricted to the members of the Maritime Transportation System and related security partners:

Please login to view the attachments.

FEMA PSGP reference documents related to the FY-2021 Port Security Grant Program that was mentioned in the last AMSC post are available here for anyone interested.  They include general information, the Notice of Funding Opportunity (NOFO), and an application template.

PSGP Reference Documents

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their February 2021 Newsletter. You can scroll through it below.

The AMSC also included the following attachments with the February newsletter:

• A cybersecurity maritime security information bulletin from Sector Los Angeles-Long Beach.
  
• The annual Port Security Grant Program (PSGP) announcement.  Followup 2/25/2021:  Additional FEMA documents regarding the PSGP have been provide.
  
• Active Shooter Preparedness and awareness webinar that will be held on March 5th, 2021 (registration required).
  

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their January 2021 Newsletter. You can scroll through it below.

The AMSC also included the following attachments with the January newsletter:

• The Maritime Safety and Security Bulletin 01-21 describes the Security Zone for the 59th Presidential Inauguration and associated activities.
  
• The Department of Homeland Security (DHS)/Cybersecurity and Infrastructure Security Agency (CISA) developed the Port Facility Cyber Security Risks infographic to show examples of how cyber-attacks could impact different aspects of port operations.
  

Please login to view the details of this post.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their November 2020 Newsletter. You can scroll through it below.

The AMSC also included the following attachments with the November newsletter:

• The PSGP pamphlet serves as a guide to the Port Security Grant Program's application and submission process.
  
• The CGCYBER CPT Overview details information from the Coast Guard Cyber Command regarding the Cyber Protection Teams NO COST assessment and mitigation services for cyber threats to the Maritime Transportation System.
  

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their October 2020 Newsletter. You can scroll through it below.

The AMSC also included the following attachments with the October newsletter:

• The TWIC Stakeholder Communications Committee released their September 2020 TWIC updates.
  
• NCR Intelligence released a report regarding a trespasser at a Baltimore MTSA Regulated Facility. Please note that the Facility made correct and prompt notifications to the NCR and Coast Guard.
  

• The MTS Cyber Characteristics and Challenges document provides an overview of the MTS, its relationship to cyberspace, and the challenges that relationship presents.
• CISA provided a Ransonware Guide that focuses on Prevention and Response to Ransomware.
• The Cyber Protection Team (CPT) Information Overview from the Coast Guard Cyber Command provides information regarding the Cyber Protection Teams NO COST assessment and mitigation services for cyber threats to the Maritime Transportation System.

 (All of these documents can also be found in the AMSC October 2020 newsletter folder on Google Drive)

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their September 2020 Newsletter.  In the "Unmanned Aircraft Systems" paragraph on page two of the newsletter, there is also mention of a UAS Informational Pamphlet that you may wish to review and use. 

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their August 2020 Newsletter.

The Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their July 2020 Newsletter.

For those interested, the Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their June 2020 Newsletter.

For those interested, the Maryland-National Capital Region Area Maritime Security Committee (MD-NCR AMSC) has released their May 2020 Newsletter.

For those interested, FEMA has released Information Bulletin #449 regarding the Expedited Period of Performance Extension Process for Certain FY 2016 and 2017 Preparedness Grants.

From: Dolbow, Frederick H CIV
Date: Tue, Mar 3, 2020 at 15:42
Subject: Cyber Incident Port of Baltimore

Good morning,
Additional information:

On 24 FEB 2020 a Maritime Transportation Security Act (MTSA) regulated facility in the Port of Baltimore reported to CG Sector MD-NCR and the National Response Center (NRC) that a ransomware cyber security incident had occurred at their facility.

The company's IT staff were notified via an alert on the company's file server management system, Trend Micro and native windows detection, that encrypted files were replicated from one of their facilities in another country to the company's Baltimore, MD facility.

The company's IT staff responded to the incident in both locations by isolating the affected servers and removing the them from the network. Post-incident analysis resulted in the ITs determining that port scanning had occurred prior to the incident and identified that the penetration occurred via an administrators account. The account is suspected of being accessed through a port vulnerability in the Remote Desktop Protocol (RDP).

Upon gaining access to the systems, the threat actors gained administrative access and uploaded malicious ransomware software that encrypted shared server files on a virtual server running the VMware ESXi host.

Hash analysis identified the ransomware as PHOBOS. The server encrypted all data in its own SYSVOL folder, which replicated to all of the company's domain controllers.

The identified port vulnerability has been corrected and all IT systems have been restored with no operational impact.

Please contact me with any further questions.

Fred Dolbow
Port Security/Recovery Specialist
USCG Sector Maryland-National Capitol Region
2401 Hawkins Point RD
Baltimore, MD 21226

From: "Dolbow, Frederick H CIV"
Date: February 25, 2020 at 20:05:32 GMT+1
To: Undisclosed recipients:;
Subject: Cyber Incident Port of Baltimore

Good afternoon,

On Monday 25 February a MTSA regulated facility reported computers and servers at their Baltimore location were affected by Ransomware that originated from the company's equipment located in another country. The Ransomware caused the encrypted files at their company's location in another country to be replicated to a server at their Baltimore location. The company's IT personnel removed the affected hardware in both locations.

For more information on ransomware-related best practices and other resources please visit the Cybersecurity and Infrastructure Security Agency (CISA) Ransomware Resource Page.

As a reminder, suspicious activity and breaches of security, including breaches of telecommunications equipment, including computer, system and network security measures which support functions described in the facility security plan or could contribute to a Transportation Security Incident (TSI), must be reported to the National Response Center (NRC) at (800) 424-8802. For additional guidance on the defining and reporting of cyber incidents refer to CG-5P Policy Letter 08-16, "Reporting Suspicious Activity and Breaches of Security."

The Coast Guard encourages companies and their facilities to remain vigilant in the identification and prompt reporting of suspicious cyber-related activities.

Fred Dolbow
Port Security/Recovery Specialist
USCG Sector Maryland-National Capitol Region
2401 Hawkins Point RD
Baltimore, MD 21226

UPDATE: 10 MAR 2020:
ALCON - The Maryland Port Administration is postponing the planned 1 April Evacuation Exercise out of concern for the Coronovirus that was to be held at the Baltimore Cruise Terminal.

This is an excellent example of Risk Management action to protect people from a health risk.

The Evacuation Exercise will be rescheduled for a future date.

Respond by 23 March.

The Fifth Southern District Marine Safety (MS) Forums is offering classes in a training program for the Marine Environmental Protection (MEP) qualification otherwise known as AUXMEES (Auxiliary Marine Environmental Educational Specialist), throughout this year. The classes provide online classes on the manuals that are needed to pass for this position.

This is a good opportunity for personnel who only want to become AUXMEES qualified or take the first (and second step with the MSAM course) to earn an M-PRO Trident pin. Our esteemed FSO-MS, John Milkiewicz, can assist you by providing mentoring for the courses and PQSes. Please let John know if there are any questions.

Monthly Forums occur online during the second and third Thursdays of each month starting at 1930 and typically running through 2130.

Register for the first online monthly MS Forum I through the Fifth Southern District Calendar or at: https://attendee.gototraining.com/r/7582222693618785538

Register for the second online monthly MS Forum through the Fifth Southern District Calendar or at https://attendee.gototraining.com/r/4576326128583272705

After registering you will receive a confirmation email containing information about joining the training.

Be sure to test your connection prior to each session.

Note that course material for each course is covered in one day. If a single course is shown on two days, it is a repeat so that more people have the opportunity to attend to the course.

The Area Maritime Security Committee (AMSC) has disseminated a pair of bulletins that will be of interest to anyone trying to maintain their situational awareness of security issues facing the Nation.

ADVISORY: NSA_CSA_TURLA_20191021

Released in late 2019, the advisory on advanced persistent threat (APT) group Turla, issued jointly by the National Security Agency (NSA) and the United Kingdom National Cyber Security Centre (NCSC), provides an update to NCSC’s January 2018 report on Turla’s use of the malicious Neuron, Nautilus, and Snake tools to steal sensitive data.

BULLETIN: 20_0104 NTAS Bulletin

This bulletin, issued earlier in January by the National Terrorism Advisory System, provides a summary of the Iranian terrorism threat to the U.S. Homeland.

A new "Beach Cleanup Guide" for use by Auxiliarists participating in Auxiliary or other agency sponsored beach cleanups is available as a PDF download on the Prevention website. You can also scroll through the PDF below.

You can scroll through the presentation preview below. You may also download the actual Power Point file.

Read the article on WTOP

We have been experiencing super weather the past few months. In the major storms that have been occurring there are expected to be more trash and debris entering our waterways. One of the ways to keep our waters clean and make it possible is by doing beach clean-ups where you can get the whole community involved.

The Ocean Conservancy and NOAA Marine Debris made an instructor guide that has both instructional and hands-on activities: Talking Trash and Taking Action Instructor's Guide.

If you weren't at the January 16^th Flotilla meeting, you missed out!  But you can still check out the presentation John M gave about Marine Environmental Issues related to Garbage.

You can view the presentation in either Powerpoint or PDF format.

If you are interested in obtaining your MS Trident, you should start recording your MS hours now.

One of the requirements for the Trident is that you have to record 96 MS hours a year, for five years - the years do not have to be consecutive but it's better to do it that way to get that requirement out of the way.

Please review the January 2017 MS Report for more details about requirements for AUX MEES and the MS Trident device.

Click here for the AUX-MEES PQS

Click here for the Study Guide

The following are Part 1 and Part 2 of a slide show covering the Marine Safety and Environmental Protection Mission of the Coast Guard Auxiliary:

• Part 1
• Part 2