Review Your Network Traffic

Sweden

I spoke last week with a colleague regarding Cyber Security. While reviewing network traffic with his security contractor, they noticed a vendor server was reaching out to known criminal (out of respect for Chris Roberts I will not use the Hac*er word) sites for Domain Name System services- DNS. These sites were located in Sweden and Finland.

It appears that the rogue DNS code was injected into the 9-1-1 vendors software. The vendor was unaware that this breach had occurred (but is currently resolving the issue) . Fortunately, the firewall was properly configured and did not allow the DNS response, coming from our friends in Finland and Sweden, to invade his network.

Many 9-1-1 sites have a vendor or IT contractor administering their firewall. They will open and close ports on request. They are typically not under contract to monitor/evaluate outbound traffic.

Understanding the data traffic on your network is critical. There are other stories out there regarding 9-1-1 centers having active two way traffic with foreign nations (I’ve read the reports) that should induce a wake-up call.

High blood pressure is often called “the silent killer” because it typically has no symptoms until after it has caused significant damage. Putting together an overall cyber security strategy should include, at a minimum, conducting a cyber benchmark- sort of like checking your blood pressure…