Securing CAD in 9-1-1 Centers

 ~Cyber Attacks and Computer Aided Dispatch (CAD)~

800px-petyaa

9-1-1 Centers (PSAPs) serve two main Public Safety functions:

  • INBOUND– Answering a 9-1-1 call or text from the public
  • OUTBOUND– Dispatching first responders (fire, EMS, law enforcement)

In most centers, these systems exist on two separate networks. The inbound network is typically installed and maintained by the vendor or channel partner who provides the Call/Text product (TriTech, Motorola, West, Solacom, AT&T, etc..).  The outbound (Computer Aided Dispatch) CAD system, in many cases, resides on a network managed by the local municipality or county government.

We currently have a PSAP in South Florida that has been without CAD for three weeks. A ransomware attack via the city email system made its way through the municipal network, into the 9-1-1 center and locked down a number of law enforcement systems, including CAD. For the past weeks, communication with first responders is a manual, paper and pen process.  The attack was not directed @ the 9-1-1 Center, but the collateral damage is a major hit to operations.

ALSO: Currently, in a Mid-Atlantic state, there is a PSAP whose CAD system has been down for weeks as the result of a cyber attack.

I have spoken to numerous centers across the country who have experienced similar CAD outages. Most of these were not as well publicized as major cities like Baltimore.

Can’t Patch Me

There are still government entities out there running Really old stuff.. and in some cases REALLY REALLY OLD STUFF (e.g.  MS SQL 2003-  Microsoft only supports back to SQL 2008). We should not run applications that are considered critical infrastructure (9-1-1 CAD) on the same network as these systems…

9-1-1 Center  Managers and Directors may have no clue regarding this connectivity or how to patch and protect these outbound networks.

We need to rethink how we deploy mission-critical CAD in 9-1-1 Centers.

Today in the 9-1-1 community there is a lot of excitement around new vendors and product offerings, including enhanced location accuracy and cloud-based applications.  In my opinion, Cyber awareness needs to be included.

 

 

 

 

 

 

 

2 thoughts on “Securing CAD in 9-1-1 Centers

  1. Steve O’Conor-ENP

    You should take a look at cloud-CAD offerings, as well as cloud-Core Services for (multimedia) call delivery.

    Like

  2. 9-1-1 centers are no different that any other industry in terms of the threat they face. What is different is that the consequences of such attacks on 9-1-1 centers can have life and death consequences.

    I would suggest all PSAP directors read the article “Creating a Culture of Cybersecurity in America’s 911 Call Centers”, by Rear Admiral (ret.) David Simpson.
    https://www.fcc.gov/news-events/blog/2016/01/28/creating-culture-cybersecurity-america’s-911-call-centers

    It provides a LOT of good information to bolster a PSAP’s cybersecurity posture. The article also points to a NENA self-assessment PSAPs can use to determine their level of cyber security readiness.
    https://c.ymcdn.com/sites/www.nena.org/resource/resmgr/Standards/NENA_75-502.1_NG-SEC_Audit_C.pdf

    Having said this, the one thing i have seen lacking in most agencies is the “leadership will” to invest the time and resources required to build secure and resilient PSAP (or other public safety) infrastructures.

    Too often, cyber security (and higher-order operational resiliency/continuity of operations) is pushed to the back burner. They really need to be brought front and center, to address all of the risk categories that can bring down mission critical systems.

    r/Chuck

    Like

Comments are closed.