Mobile networks (sporadic even before the crisis) have been largely restored, and there is scope for retrieving actionable information
The physical security community is contributing expertise and equipment of many kinds to the country
As rescue teams and aid workers from around the world converge on Nepal after the country's 7.8-magnitude earthquake, the physical security community is contributing expertise and equipment of many kinds to a country whose government has described it as being “on a war footing.” At time of writing, conservative estimates of the fatalities are around 5,000, but many, including President Ram Baran Yadav, believe the total will exceed 10,000. The United Nations has declared that a million people are in need of food and shelter.

Reaching out

The security industry has been quick to react to this emergency, and the range of responses underlines how closely security and emergency professionals can work when there is an overwhelming need. Dogs trained to detect survivors amid debris, thermal imaging sensors, conventional CCTV cameras, drones and situational awareness technology are all on the ground or being transported from Gorkha, the nearest airport to the quake epicentre. But the environment (in what is already among the world's poorest countries) will be one of scant electric power and few fixed communication systems.

Mobile networks (sporadic even before the crisis) have been largely restored, and there is scope for retrieving actionable information from micro-blogging services such as Twitter. Dedicated emergency mass notification systems of the kind used in many other parts of the world will be unheard-of here. But since 9/11, the 2004 Indian Ocean tsunami, and the 2010 and 2011 earthquakes in Haiti and Japan respectively, the disaster response community has developed software that can reveal the scope of a crisis from Twitter and distinguish messages containing tactical information and specific details from those that are merely empathetic chatter.

Video footage from Reuters drones has revealed the location of makeshift tented villages in remote areas and has helped rescuers to create a map of the situation. Canadian company Aeryon Labs, a manufacturer of sUAS (Small Unmanned Aerial Systems) has sent three of its units to Nepal. Known in common parlance as drones, the sUAS will be able to provide emergency coordinators with stabilised 1080p H.264 electro-optical video and 640x480 infrared footage as well as detecting body heat with thermal sensors.

Drones assist in rescue operations

This kind of drone activity will also produce 2D and 3D maps of the devastated area to assist incident coordinators
Ground-based drones on tether cables are also being deployed and their thermal sensors may save lives

This kind of drone activity will also produce 2D and 3D maps of the devastated area to assist incident coordinators and has the merit of making no support demands in terms of peripheral equipment. It should be remembered that there has been a 6.7MW aftershock as well as numerous tremors of at least 5MW. The whole region remains in flux. Use of drones also keeps first-responders out of harm's way in the event of post-quake tremors and eliminates the need for humans to investigate rubble piles that do not contain victims. Ground-based drones on tether cables are also being deployed, and their thermal sensors may save lives since they will create an alert if survivors' bodies are warming the debris that imprisons them. These drones are more akin to a miniature tank and in addition to thermal sensors they feature cameras and audio.

Rescuers are also likely to be using endoscope cameras with diameters as small as 11mm on flexible poles. They can be squeezed through miniscule gaps in rubble to locate trapped survivors, and unnecessary movement of detritus can be minimised. Precise techniques are vital in confined areas such as the remains of the 200-foot Dharahara tower in Kathmandu. One hundred and eighty people have died at the site, but there may yet be survivors in air pockets who must be protected from further impacts of rubble. There may also be survivors trapped in mountainous areas on the verge of further avalanches, and endoscope cameras will be invaluable in these situations.

Supplying vital equipment

The physical security community will be supplying various equipment to show rescuers how stable a piece of ground is, identify hazardous materials, survey areas quickly, and identify optimum routes through which victims can be ferried to helicopters and field hospitals. (Médecins Sans Frontières has provided an inflatable hospital.)

The relief operations are being conducted by all sectors of the security and safety community with firefighters from my home county of Sussex on the south coast of England flying to Kathmandu this week. Using listening devices, breaking and breaching tools, lifting gear and shoring equipment, the specialist fire staff is working alongside the charity Search and Rescue Assistance in Disasters (SARAID).The sound and vibration devices are part of 1.5 tonnes of equipment (including generators) that has been flown out of a Royal Air Force base. Other teams will use carbon dioxide detectors to find survivors who may be unconscious and unable to indicate their location audibly, this being a technique that can only be used to rescue people from confined spaces where the CO2 from their breathing is apparent to the detectors.

Rescuers are also likely to be using endoscope cameras with diameters as small as 11mm on flexible poles

Any intervention from Nepal's neighbor, China, will attract political analysis – much of it cynical – but it should be noted that a 62-person Chinese search and rescue team with sniffer dogs (German shepherds) is on the ground in the Kathmandu Valley, which is the location of the latest tremor as I write. A 70-strong Japanese rescue team (primarily police officers and with four dogs - two Labradors and two German shepherds) has been delayed in its arrival after the miniscule airports in the Kathmandu region became overwhelmed with up to 14 planes circling at any one time. Some of planes have had to divert in order to refuel.

Google’s rescue work

The IT perspective on the disaster includes use of online resources such as Google Person Finder, and for Google the earthquake has become personal with senior engineer Dan Fredinburg being among 17 climbers who perished in an avalanche at Everest base camp. Fredinburg, who worked for the Project X division, had the goal that in the future people would be able to climb major mountains using Google Maps. Three other Google employees survived the base camp incident. The company is endeavouring to activate satellite imagery of the area to help with rescue efforts, but cloud cover is proving a hindrance. The 17 deaths and 61 injuries at the foot of Everest constitute the most serious incident ever on the mountain.

While mapping specialists, emergency architects, humanitarian workers and the charitable sector have responded magnificently to this extraordinary event and its continuing, ever-deepening challenges, the physical security sector should take a measure of pride in the functionality of its offerings, the flexibility of their deployment and the ingenuity of the operators.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

Author profile

Jeremy Malies European Correspondent, SourceSecurity.com

Jeremy Malies is a veteran marketeer and writer specialising in the physical security sector which he has covered for 20 years. He has specific interests in video analytics, video management, perimeter intrusion and access control.

In case you missed it

Managing security during unprecedented times of home working
Managing security during unprecedented times of home working

Companies are following government guidance and getting as many people as possible working from home. Some companies will have resisted home working in the past, but I’m certain that the sceptics will find that people can be productive with the right tools no matter where they are. A temporary solution will become permanent. But getting it right means managing risk. Access is king In a typical office with an on-premise data centre, the IT department has complete control over network access, internal networks, data, and applications. The remote worker, on the other hand, is mobile. He or she can work from anywhere using a VPN. Until just recently this will have been from somewhere like a local coffee shop, possibly using a wireless network to access the company network and essential applications. CV-19 means that huge numbers of people are getting access to the same desktop and files, and collaborative communication toolsBut as we know, CV-19 means that huge numbers of people are getting access to the same desktop and files, applications and collaborative communication tools that they do on a regular basis from the office or on the train. Indeed, the new generation of video conferencing technologies come very close to providing an “almost there” feeling. Hackers lie in wait Hackers are waiting for a wrong move amongst the panic, and they will look for ways to compromise critical servers. Less than a month ago, we emerged from a period of chaos. For months hackers had been exploiting a vulnerability in VPN products from Pulse Secure, Fortinet, Palo Alto Networks, and Citrix. Patches were provided by vendors, and either companies applied the patch or withdrew remote access. As a result, the problem of attacks died back.  But as companies race to get people working from home, they must ensure special care is taken to ensure the patches are done before switching VPNs on. That’s because remote desktop protocol (RDP) has been for the most part of 2019, and continues to be, the most important attack vector for ransomware. Managing a ransomware attack on top of everything else would certainly give you sleepless nights. As companies race to get people working from home, they must ensure special care is taken to ensure the patches are done before switching VPNs on Hackers are waiting for a wrong move amongst the panic, and they will look for ways to compromise critical serversExposing new services makes them also susceptible to denial of service attacks. Such attacks create large volumes of fake traffic to saturate the available capacity of the internet connection. They can also be used to attack the intricacies of the VPN protocol. A flow as little as 1Mbps can perturbate the VPN service and knock it offline. CIOs, therefore, need to acknowledge that introducing or extending home working broadens the attack surface. So now more than ever it’s vital to adapt risk models. You can’t roll out new services with an emphasis on access and usability and not consider security. You simply won’t survive otherwise. Social engineering Aside from securing VPNs, what else should CIO and CTOs be doing to ensure security? The first thing to do is to look at employee behaviour, starting with passwords. It’s highly recommended that strong password hygiene or some form of multi-factor authentication (MFA) is imposed. Best practice would be to get all employees to reset their passwords as they connect remotely and force them to choose a new password that complies with strong password complexity guidelines.  As we know, people have a habit of reusing their passwords for one or more online services – services that might have fallen victim to a breach. Hackers will happily It’s highly recommended that strong password hygiene or some form of multi-factor authentication (MFA) is imposedleverage these breaches because it is such easy and rich pickings. Secondly, the inherent fear of the virus makes for perfect conditions for hackers. Sadly, a lot of phishing campaigns are already luring people in with the promise of important or breaking information on COVID-19. In the UK alone, coronavirus scams cost victims over £800,000 in February 2020. A staggering number that can only go up. That’s why CIOs need to remind everyone in the company of the risks of clickbait and comment spamming - the most popular and obvious bot techniques for infiltrating a network. Notorious hacking attempts And as any security specialist will tell you, some people have no ethics and will exploit the horrendous repercussions of CV-19. In January we saw just how unscrupulous hackers are when they started leveraging public fear of the virus to spread the notorious Emotet malware. Emotet, first detected in 2014, is a banking trojan that primarily spreads through ‘malspam’ and attempts to sneak into computers to steal sensitive and private information. In addition, in early February the Maze ransomware crippled more than 230 workstations of the New Jersey Medical Diagnostics Lab and when they refused to pay, the vicious attackers leaked 9.5GB or research data in an attempt to force negotiations. And in March, an elite hacking group tried to breach the World Health Organization (WHO). It was just one of the many attempts on WHO and healthcare organisations in general since the pandemic broke. We’ll see lots more opportunist attacks like this in the coming months.   More speed less haste In March, an elite hacking group tried to breach the World Health Organization (WHO). It was just one of the many attempts on WHOFinally, we also have bots to contend with. We’ve yet to see reports of fake news content generated by machines, but we know there’s a high probability it will happen. Spambots are already creating pharmaceutical spam campaigns thriving on the buying behaviour of people in times of fear from infection. Using comment spamming – where comments are tactically placed in the comments following an update or news story - the bots take advantage of the popularity of the Google search term ‘Coronavirus’ to increase the visibility and ranking of sites and products in search results. There is clearly much for CIOs to think about, but it is possible to secure a network by applying some well thought through tactics. I believe it comes down to having a ‘more speed, less haste’ approach to rolling out, scaling up and integrating technologies for home working, but above all, it should be mixed with an employee education programme. As in reality, great technology and a coherent security strategy will never work if it is undermined by the poor practices of employees.

How does audio enhance security system performance?
How does audio enhance security system performance?

Video is widely embraced as an essential element of physical security systems. However, surveillance footage is often recorded without sound, even though many cameras are capable of capturing audio as well as video. Beyond the capabilities of cameras, there is a range of other audio products on the market that can improve system performance and/or expand capabilities (e.g., gunshot detection.) We asked this week’s Expert Panel Roundtable: How does audio enhance the performance of security and/or video systems? 

How have standards changed the security market?
How have standards changed the security market?

A standard is a document that establishes uniform engineering or technical criteria, methods, processes, and/or practices. Standards surround every aspect of our business. For example, the physical security marketplace is impacted by industry standards, national and international standards, quality standards, building codes and even environmental standards, to name just a few. We asked this week’s Expert Panel Roundtable: How have standards changed the security market as we know it?