ALLHAZARDS CRITICAL THREAT OUTLOOK AUGUST 21, 2017 Page 1 of 6

Critical Threat Outlook (CTO) AUGUST 21, 2017

The Critical Threat Outlook (CTO) is a weekly outlook highlighting expected and potential critical threats to areas in the U.S for the coming week. The CTO draws on a wide range of open source intelligence sources. It is a subscriber service. For more information, see allhazards.net.

EXECUTIVE SUMMARY

l Red threat for Wildfire based on conditions and human risk during eclipse; Cyberattack based on widespread vulnerabilities and high attack capability of foreign actors; Adversarial based on risk of violent clashes in U.S. cities especially San Francisco. Note also special yellow hazard for Solar eclipse. Weather outlook and hazards. Risk for heavy rain across parts of the Central Plains, MS Valley and the Great Lakes Mon/Tue and into the Carolinas Wed/Thu. Flooding possible across parts of the Central and Southern Plains. Two tropical systems could create heavy rain for FL through the period. Much above normal temperatures possible for parts of the West and Plains at the end of the period. Severe weather expected for parts of the MS Valley and Upper Midwest Monday, and the lower Great Lakes through much of the OH Valley Tuesday. Hurricane Kenneth in Pacific not currently considered threat to HI. The National Hurricane Center is monitoring three areas in the Atlantic which could affect the U.S. Fire weather conditions will increase in the Northwest and Northern Rockies through the week. Other natural hazards. No significant earthquakes last week. Kīlauea Volcano in HI and Bogoslof and Cleveland in AK are at watch level. Significant wildfire potential midweek in the Northwest and Northern Rockies. Concern over human-caused wildfires this week due to Solar Eclipse viewers. Severe to exceptional (D2-D4) drought coverage decreased slightly from 5.38 percent to 5.33 percent across the continental U.S.. Cybersecurity, technological & adversarial hazards. A hacker published the Apple iPhone secure enclave decryption key. Voter registration data for all of Chicago’s 1.8m voters exposed. Google removed a Chrome extension used in banking fraud. Blizzard Entertainment hit with DDOS attack. Some LockState smart locks bricked by an update. USB connections less secure than previously thought. More “alt-right” rallies and/or counter-protests are expected. All Confederate monuments may be at risk of rallies or protests. A rally and counter-protest at San Francisco, Oakland & Berkeley Saturday may be particularly explosive. Special: Solar eclipse. A solar eclipse will occur Monday. Main hazard concerns influx of viewers to path of total eclipse; communications overload due to population shifts; concerns about viewers in state parks starting wildfires; concerns about distracted drivers causing collisions; strain on power grids due to drop in solar energy production; temperature fluctuations due to lack of solar heating.

Red=high risk, orange=significant risk, green=minimal risk.

© Copyright 2017 AllHazards.net, a product of Wild Consulting & Innovations LLC. While every effort is made to ensure accuracy,

nothing in this outlook should be relied upon as a primary or sole source of information for critical decision-making.

ALLHAZARDS THREAT MATRIX AUGUST 21-27, 2017

Weather Tornado / Severe Hurricane Flooding Snow / Ice Heat Cold

Natural Wildfire Drought Volcano Health Special Threats ¯

Cyber, Tech & Adversarial Cyberattack Nuclear Solar Adversarial Solar Eclipse

ALLHAZARDS CRITICAL THREAT OUTLOOK AUGUST 21, 2017 Page 2 of 6

WEATHER OUTLOOK AND HAZARDS

FOCUS #1 FOCUS #2 FOCUS #3

SEVERE WEATHER RISK MON/TUE, MAIN RISKS HAIL

AND DAMAGING WINDS

NHC MONITORING THREE

SYSTEMS IN THE ATLANTIC. FL MAY BE AT RISK MIDWEEK FROM

MIDDLE SYSTEM.

HURRICANE KENNETH IN THE PACIFIC IS NOT CURRENTLY CONSIDERED A THREAT TO

HI.

ALLHAZARDS CRITICAL THREAT OUTLOOK AUGUST 21, 2017 Page 3 of 6

Overview. A progressing surface low will create a risk for heavy rain across parts of the Central Plains, MS Valley and the Great Lakes Mon/Tue and into the Carolinas Wed/Thu, and severe storms in the Great Lakes and OH Valley Tuesday. Flooding is possible across parts of the Central and Southern Plains. Two tropical systems could create heavy rain for FL through the period. Much above normal temperatures possible for parts of the West and Plains at the end of the period, although cooler temperatures are expected by the end of the week over much of the Continental U.S. Severe Weather: Severe weather expected for parts of the MS Valley and Upper Midwest Monday, and the lower Great Lakes through much of the OH Valley Tuesday. Main risk winds and hail (Focus #1). Hurricane: Hurricane Kenneth is strengthening as it moves West in the Pacific but is not currently considered a threat to HI. The National Hurricane Center is monitoring three areas in the Atlantic which could affect the U.S. (Focus #2). The remnants of Tropical Storm Harvey may redevelop in the next few days (50% probability), with the Caribbean most likely at risk. A trough north of Puerto Rico may develop by midweek and threaten FL (20% probability). A third area further East is not expected to have further development in the next few days (10% probability). Fire weather: Fire weather conditions will increase in the Northwest and Northern Rockies through the week. Long term outlook: CPC 3-month forecasts anticipate above-normal temperatures for all of the U.S. including AK and above normal precipitation in parts of the South and East, and southern AK.

Specific Weather Hazards

• Heavy rain across portions of the central Plains, the Middle and Upper Mississippi Valley, and the Great Lakes, Mon-Tue, Aug 21-Aug 22.

• Severe weather across portions of the Great Lakes and the Ohio Valley, Tue, Aug 22. • Heavy rain across portions of the eastern Carolinas, Wed-Thu, Aug 23-Aug 24. • Heavy rain across portions of Florida, Tue-Fri, Aug 22-Aug 25. • Flooding possible across portions of the Central Plains and the Southern Plains. • Slight risk of much above-normal temperatures for portions of the Great Basin, the Northern

Plains, the Northern Rockies, California, the Pacific Northwest, and the Southwest, Sun-Fri, Aug 27-Sep 1.

• Moderate risk of much above-normal temperatures for portions of the Northern Rockies and the Northern Great Basin, Sun-Tue, Aug 27-Aug 29.

• Severe Drought across the Central Plains, the Northern Plains, Hawaii, the Northern Rockies, the Middle Mississippi Valley, California, and the Upper Mississippi Valley.

Sources & more information: NOAA Weather http://weather.gov NOAA Climate Prediction Center http://www.cpc.ncep.noaa.gov NOAA Storm Prediction Center: http://www.spc.noaa.gov/ NOAA National Hurricane Center: http://www.nhc.noaa.gov/ NOAA Weather.gov Graphical Forecasts http://graphical.weather.gov/sectors/conusWeek.php NOAA WPC Winter Weather Forecasts http://www.wpc.ncep.noaa.gov/wwd/winter_wx.shtml

ALLHAZARDS CRITICAL THREAT OUTLOOK AUGUST 21, 2017 Page 4 of 6

OTHER NATURAL HAZARDS

PRIOR WEEK EARTHQUAKES VOLCANO STATUS

MONTHLY WILDFIRE OUTLOOK DROUGHT PUBLIC HEALTH

NO PUBLIC HEALTH GRAPHIC THIS WEEK

Overview. Earthquakes: No significant earthquakes last week in the U.S. Volcanoes: Kīlauea Volcano in HI and Bogoslof and Cleveland in AK are at watch level. Mauna Loa in HI and Pavlov in AK are at advisory status. Wildfires: Significant acreage gains were reported on large fires in OR, MT, ID and CA. Extreme fire behavior caused the Chetco Bar fire in OR to burn an additional 12,000 acres. The Lolo Peak fire in Montana was also very active and gained more than 9,000 acres. Nationally, 44 large fires have burned more than 400,000 acres in eight states. Significant fire potential midweek in the Northwest and Northern Rockies. Concern over human-causes wildfires this week due to Solar Eclipse viewers. Drought: The U.S. Drought Monitor valid on Aug 15 indicates that severe to exceptional (D2-D4) drought coverage decreased slightly from 5.38 percent to 5.33 percent across the continental U.S. Public Health: None this week.

Sources & more information: US Geological Survey Earthquakes http://earthquake.usgs.gov/ US Geological Survey Volcanoes: http://volcano.usgs.gov/ NIFC http://www.nifc.gov USFS Active Fire Maps https://fsapps.nwcg.gov/afm/ US Drought Monitor http://droughtmonitor.unl.edu/ CDC http://www.cdc.gov

ALLHAZARDS CRITICAL THREAT OUTLOOK AUGUST 21, 2017 Page 5 of 6

CYBERSECURITY, TECHNOLOGICAL & ADVERSARIAL HAZARDS

CYBERATTACKS NUCLEAR RADIATION SOLAR

UNUSUAL CYBERATTACK ACTIVITY AT TIME OF WRITING (FROM DIGITALATTACKMAP.COM)

CURRENT RADIATION READINGS AT TIME OF WRITING (FROM RADIATIONNETWORK.COM)

PREDICTED SOLAR ACTIVITY

FOR MON/TUE Cybersecurity & Privacy. A hacker published the Apple iPhone secure enclave decryption key, but immediate threats are not identified [C1]. Voter registration data for all of Chicago’s 1.8m voters was exposed on a publicly-accessible server [C2]. Google removed a Chrome extension used in banking fraud [C3]. Blizzard Entertainment was hit with a weekend Distributed Denial of Service (DDOS) attack [C4]. Some chaos reported as some LockState smart locks were bricked by an update [C5]. USB connections are less secure than previously thought [C6]. Technological. Nuclear: No reports of nuclear incidents. Solar: No disruptive solar weather events expected. Other: None. Adversarial. More “alt-right” rallies and/or counter-protests are expected after the Charlottesville incident reported last week. All Confederate monuments may be at risk of rallies or protests [A1]. A rally and counter-protest at San Francisco, Oakland & Berkeley Saturday may be particularly explosive [A2]. [C1] https://threatpost.com/hacker-publishes-ios-secure-enclave-firmware-decryption-key/127524/ [C2] https://threatpost.com/vendor-exposes-backup-of-chicago-voter-roll-via-aws-bucket/127538/ [C3] https://threatpost.com/google-removes-chrome-extension-used-in-banking-fraud/127469/ [C4] https://threatpost.com/blizzard-entertainment-hit-with-weekend-ddos-attack/127440/ [C5] https://threatpost.com/smart-locks-bricked-by-bad-update/127427/ [C6] http://www.homelandsecuritynewswire.com/dr20170816-usb-connections-less-secure-than-has-been-thought [A1] https://www.washingtonpost.com/business/economy/democrats-say-confederate-monuments-are-now-white-supremacist-rallying-points/2017/08/20/b735142e-85ad-11e7-a94f-3139abce39f5_story.html?utm_term=.4a1ab9fba933 [A2] http://www.sfexaminer.com/white-supremacist-patriot-rally-coming-san-francisco-counter-protest-already-planned/ Twitter @allhazardsblog https://twitter.com/allhazardsblog US-CERT cybersecurity alerts https://www.us-cert.gov/ncas/alerts Homeland Security News Wire http://www.homelandsecuritynewswire.com/topics/cybersecurity Krebs on Security Blog http://www.krebsonsecurity.com/ Schneier on Security Blog https://www.schneier.com/ ThreatPost https://threatpost.com Digital Attack Map http://digitalattackmap.com Rand Corporation News http://www.rand.org/news.html ARS Technica Security & Hacktivism https://arstechnica.com/security/ Reddit Intelligence, Security, Nuclear, Nuclear Power, Privacy, Protest https://www.reddit.com IAEA nuclear events https://www-news.iaea.org/EventList.aspx?pno=0&sc=EventDate Radiation Network http://radiationnetwork.com/index.htm Space Weather Prediction Center http://www.swpc.noaa.gov/ Google News http://news.google.com

ALLHAZARDS CRITICAL THREAT OUTLOOK AUGUST 21, 2017 Page 6 of 6

SPECIAL: SOLAR ECLIPSE

SOLAR ECLIPSE PATH OF TOTALITY, EXPECTED CLOUD COVER AND EDT TIMING OF MAXIMUM EFFECT

A solar eclipse will occur Monday. The eclipse will be total for a narrow path from Northwest to East, but near-total for much of the continental U.S. The first partial eclipse is expected in the Northwest at 16:04pm UT (9:04am PT) and conditions will return to normal for the East at 20:11pm UT (4:11pm ET). Details for specific locations can be found on NASA’s site [S1]. Main hazard concerns during the Eclipse include

• Influx of viewers to path of total eclipse [S2] • Communications overload due to population shifts [S3] • Concerns about viewers in state parks starting wildfires [S4] • Concerns about distracted drivers causing collisions • Strain on power grids due to drop in solar energy production [S5] • Temperature fluctuations due to lack of solar heating [S6]

[S1] https://eclipse2017.nasa.gov/sites/default/files/interactive_map/index.html [S2] http://thehill.com/homenews/state-watch/347134-states-prepare-for-massive-influx-of-eclipse-visitors [S3] http://fox4kc.com/2017/08/14/as-skies-go-dark-cell-phone-connections-could-blackout-during-eclipse/ [S4] https://www.csmonitor.com/USA/2017/0817/Forest-rangers-prepare-for-influx-of-eclipse-watchers-in-US-West [S5] http://www.businessinsider.com/solar-eclipse-power-grid-electricity-2017-8 [S6] http://www.twcnews.com/nc/triangle-sandhills/weather/2017/08/3/total-solar-eclipse-could-cause-a-brief-temperature-drop.html