Dec 11 2018

How to Mitigate Cybersecurity Threats to Public Safety Communications Systems

First responder agencies say that cybersecurity is important, but they are not doing enough to guard against dangers, a Motorola survey finds.

State and local governments rely on public safety agencies to provide critical support and communications in the event of emergencies or natural disasters. But what happens if those agencies’ own communications are taken down because of a cyberattack?

It is a worrying thought for many public safety agencies and their government partners — or at least it should be, based on the findings of a recent survey from Motorola Solutions. The survey of 120 and land mobile radio (LMR) system managers around the world in public safety, government and enterprise organizations found that nearly a quarter of respondents — 22 percent — are not taking any significant cybersecurity measures and just 11 percent of organizations cited establishing a cyber incident plan as a priority for the coming year.

As Urgent Communications reports, public safety agencies face numerous threats to their communications systems, including “swatting” attacks, in which criminals manipulate 911 calls to show that a call is originating from a location where a very serious criminal act has occurred or is occurring, leading public-safety answering points (PSAPs) to send a Special Weapons and Tactics (SWAT) team to the call location. PSAPs and public safety agencies also face threats from ransomware attacks that lock them out of their communications systems, attacks that lead to unauthorized network access allowing attackers to cripple systems, denial of service attacks and more. 

In addition to following basic cybersecurity measures like patching software and establishing rules around connecting portable storage devices via USB or other ports, public safety agencies can take several steps to bolster their security. 

Motorola suggests they need to lose the “set it and forget it” mindset on cybersecurity and continually evolve their security strategy, establish a holistic, risk-based security plan, and use proven cybersecurity frameworks and standards.

What Is the State of Public Safety Cybersecurity?

According to the survey, while 87 percent are extremely or moderately confident in the cybersecurity of their LMR systems, and 78 percent of organizations point to cybersecurity as extremely or very important, only 53 percent conduct active security monitoring, just 48 percent have documented security policies and procedures and only 42 percent patch their LMR systems. Meanwhile, less than a third (30 percent) say they conduct period risk assessments. 

And while cybersecurity is listed as the fourth most important aspect needed for LMR network performance, 18 percent of those surveyed say do not take any cybersecurity measures at all. 

The trends are similar for associated technologies, according to the survey. “For dispatch systems or command center technologies, only 56 percent conduct active security monitoring, followed by documenting security policies and procedures at 53 percent, security patching at 47 percent, periodic risk assessment at 36 percent, and 20 percent not applying any of these security measures,” the report says. “The levels are also comparable for broadband networks, mobile devices, cloud solutions and vendor-hosted solutions.”

MORE FROM STATETECH: See how 5G networks may impact first responders. 

How Public Safety Agencies Can Boost Communications Security

Public safety agencies can guard against threats to their communications systems by breaking free of the thought process that “once a security solution is in place, a system is protected with no further action needed.” 

“Cyber threats are constantly evolving,” Motorola’s report says. “The strategy and solution you have in place today need to evolve with the changing threat landscape.”

Monitoring is the most applied security measure in the survey, but it is not enough. “Managing and staying ahead of evolving threats requires consistently applying measures such as risk assessments, information assurance road maps, security patching, and active security monitoring to your LMR systems and associated technologies,” the report says. 

First responder agencies can also rely on cybersecurity standards as a guide. The National Institute of Standards and Technology’s cybersecurity framework and other standards, such as ISO 27001, are critical cybersecurity tools agencies should use, Motorola says. 

“They can help shed light on network vulnerabilities and risks, then guide users through each phase of cybersecurity: identify, protect, detect, respond, recover,” the report notes. “This has proven to be an effective approach and should be adapted to an organization’s individual security goals and resources.”

United States Marine Corps/Wikimedia Commons

aaa 1