~Cyber Attacks and Computer Aided Dispatch (CAD)~
9-1-1 Centers (PSAPs) serve two main Public Safety functions:
- INBOUND– Answering a 9-1-1 call or text from the public
- OUTBOUND– Dispatching first responders (fire, EMS, law enforcement)
In most centers, these systems exist on two separate networks. The inbound network is typically installed and maintained by the vendor or channel partner who provides the Call/Text product (TriTech, Motorola, West, Solacom, AT&T, etc..). The outbound (Computer Aided Dispatch) CAD system, in many cases, resides on a network managed by the local municipality or county government.
We currently have a PSAP in South Florida that has been without CAD for three weeks. A ransomware attack via the city email system made its way through the municipal network, into the 9-1-1 center and locked down a number of law enforcement systems, including CAD. For the past weeks, communication with first responders is a manual, paper and pen process. The attack was not directed @ the 9-1-1 Center, but the collateral damage is a major hit to operations.
ALSO: Currently, in a Mid-Atlantic state, there is a PSAP whose CAD system has been down for weeks as the result of a cyber attack.
I have spoken to numerous centers across the country who have experienced similar CAD outages. Most of these were not as well publicized as major cities like Baltimore.
Can’t Patch Me
There are still government entities out there running Really old stuff.. and in some cases REALLY REALLY OLD STUFF (e.g. MS SQL 2003- Microsoft only supports back to SQL 2008). We should not run applications that are considered critical infrastructure (9-1-1 CAD) on the same network as these systems…
9-1-1 Center Managers and Directors may have no clue regarding this connectivity or how to patch and protect these outbound networks.
We need to rethink how we deploy mission-critical CAD in 9-1-1 Centers.
Today in the 9-1-1 community there is a lot of excitement around new vendors and product offerings, including enhanced location accuracy and cloud-based applications. In my opinion, Cyber awareness needs to be included.