Oct 31 2019

The Cybersecurity Needed for NG911 Systems

As public safety agencies transition to Next Generation 911 technology, they need to ensure their networks are secure.

States and counties across the United States are gradually transitioning from legacy 911 systems to allow callers to transmit richer and more detailed information about their emergencies. Staff at 911 call centers, known as public safety answer points, or PSAPs, can then provide that comprehensive information to first responders.

However, as the migration to Next Generation 911 unfolds, and as the networks that feed information to PSAPs become IP-based, there is a growing realization that such systems could become more vulnerable to cyberattacks. The worry is that if NG911 systems are hacked or compromised, they could endanger more lives than they save.

That’s why state and local officials are increasingly focusing on the security needed for such systems. “The doors are going to be wide open,” Wisconsin CIO David Cagigal tells StateScoop. “These organizations are going to have to ramp up in an area they’re very unfamiliar with.”


The Cybersecurity Risks Facing NG911 Systems

As the Department of Homeland Security notes, legacy 911 services that run on voice-based telephone networks and computer-aided dispatch systems often operate on closed, internal networks. They face a lower risk of cyberattack because there are limited points of connection to outside networks.

In contrast, the interconnections and IP-based nature of NG911 systems make them more vulnerable to compromise. “As cyber threats grow in complexity and sophistication, attacks could be more severe against an NG911 system as attackers can launch multiple distributed attacks with greater automation from a broader geography against more targets,” the DHS says.

NG911 systems have several elements vulnerable to attack, including Emergency Services IP Networks, applications and databases.

NG911 systems, according to the DHS, are susceptible to man-in-the-middle attacks, denial-of-service attacks and unauthorized network access. They are also vulnerable to insider threats, attacks from malicious applications and unauthorized data access.

Cybersecurity risks to NG911 systems “have severe potential impacts, including loss of life or property because of hampered response operations; job disruption for affected network users; substantial financial costs from the unauthorized use of data and subsequent resolution; and potential lawsuits from those whose data is breached or whose lives are adversely affected,” according to the DHS. 


How to Protect NG911 Platforms from Attack

There are some basic steps that PSAPs can take to improve their cybersecurity posture. Cagigal says he worries about public safety officials’ ability to defend against attacks. 

“They don’t have the skills and talents,” he says. “They don’t have a chief information security officer or an IT director to assist them if there is an issue. Next-generation 911 is necessary and very promising, but we must prepare for the eventuality that they’ll be susceptible to everything that’s facing us today. They’re going to be attacked.”

Given the dynamic nature of technology and the evolving cyber risk landscape, the DHS says, public safety organizations should use a cybersecurity risk management process.

That involves identifying new and evolving risks, assessing and prioritizing risks, developing and prioritizing mitigation strategies based on cost-benefit analysis and other factors, evaluating the impacts of mitigation implementation, and developing an approach to detection and effective response and recovery procedures. 

The DHS strongly recommends public safety agencies use the NIST Cybersecurity Framework, which is “a flexible, risk-based approach to improving the security of critical infrastructure.” 

One benefit of moving to NG911 is that if one PSAP suffers an attack and cannot take calls, others can handle that PSAP’s calls.

“If we have an issue with a PSAP that’s down, we have back-up ways that we can reroute traffic, and the end user never knows that they’re on a secondary versus a primary,” North Carolina CIO Eric Boyette tells StateScoop. “We have the same capability now with the copper, but you have a lot of [telecommunications companies] you have to work with to make sure the traffic is routed all the way through.”
