Crypto-Jacking: Using 9-1-1 Center Computers for Profit

CPU 4

Most of us have heard the term ‘crypto mining’. Cryptojacking is simply using the computer power and electricity of another person or company (in this case a 9-1-1 center or PSAP) without their knowledge to ‘mine coins’.

Simple Explanation

Cryptocurrency is, by design, decentralized. Transactions, which are encrypted, are added to a “block’, the block then gets added to a chain (blockchain). With a computer CPU, or graphics cards, crypto miners run a process to verify these transactions and keep the cryptocurrency world running. For this validation service, crypto miners receive a small payment.

It is less expensive for crypto miners to use ‘someone else’s’ (meaning your) computer processing and electricity.

Cryptojacking is becoming more popular. It is easy money and cryptojacking ’kits’ are available on the dark web for as little as $30.

The actual code can run in the background for a long time without detection. Unlike ransomware, the goal is not to lock up your computers and hold them hostage for payment, the goal is to use as much of your systems CPU as possible without detection. The culprit could be an unknown ‘bad guy’, an employee, contractor, etc.

Public Safety Answering Points (PSAPs) Compromised

We are starting to receive reports of 9-1-1 Centers conducting ‘Cyber Security Benchmarks’ and identifying cryptojacking software. For example, one 9-1-1 center found that cryptojacking was using 60% of the CPU on their Computer Aided Dispatch (CAD) workstations.

In addition to compromising the performance of ‘critical infrastructure’ systems,  whoever installed this software OWNS YOU. They may be content with simply using your PSAP to make money, but the fact is they have established two-way communications and are running hidden, malicious software. They could easily take your infected systems down hard.

In the 9-1-1 community, we need to step up our awareness of cybersecurity.  While this may be a line item PSAPs will consider putting in their budget for next year- the fact is every center should consider conducting a cyber benchmark asap.

A final thought:

APCO BLACKHAT DEFCON are all in Las Vegas next week.

Be careful out there.. turn Bluetooth off on your devices and please do not connect to unknown or free WiFi.

Security and IP Networks – John Mcafee

John Mcafee Perspective

john

As we discuss the need to provide secure IP networks in the world of Public Safety , this article by John Mcafee, the creator of the first commercial antivirus program and no stranger to controversy, is out there.

John has led a wild life full of tabloid material. This post, totally correct or not, is worth a read, as it it surely makes one think!

John Mcafee Perspective

Transitioning to a Broadband State of Mind

 

BBSOM (1)

 

More bandwidth!  When using a computer, FAST is a great feeling.

I’ve met probably a half a dozen individuals who have transitioned away from traditional analog phone lines (CAMA Trunks) in their 911 Call Centers (Public Safety Answering Point- PSAP) and proudly speak about how much bandwidth they  now have with the new IP based system.

100Mbps to every PSAP!

I comment that they must have very large 911 centers. In my latest discussion with an individual who implemented 100 Mbps to all eleven of his PSAP’s, the answer was “there are ten 2 position centers and one with 4 positions.”

In the legacy world, a Manager with financial responsibility for a 2 position PSAP would never terminate 20 incoming 911 phone lines. Two people staffing that center could not handle 20 simultaneous 911 calls. Also, those 20 phone lines would fit nicely on a single T1 circuit, which is approximately 1.5 Mbps. There are formulas that have been established for years to size the required number of phone circuits into a 911 center .

There are also formulas for calculating how much bandwidth is needed for voice in the IP world- we’ve been doing this in the US for over 15 years. And this is the important factor- today as we move to IP in the world of 911, we are usually only handling voice. Text should also be calculated, but it is very minimal. Bandwidth is expensive.

What I am seeing today is a ‘practice’ where solutions are not being engineered. In the example of a PSAP that could easy have run on a 1.5Mbps T1 circuit in the legacy world and is now operating on a 100Mbps circuit, its similar to building a 1500 lane superhighway and trying to terminate it into a 2 car garage. With  voice and text, you will never use all of those lanes.

Let’s ballpark the cost- on the State of Florida contract the 2 Mbps local loop charge (the smallest available) is $155/month. A 100 Mbps local loop charge is $1,768- a $1,613 per month difference. $1,613 that maybe I did not need to spend. With a 36 month contract that’s $58,068 per PSAP. Include all ten 2 position PSAPs in the example above and we have $580,680 over 36 months – 911 funds wasted.

Walk into a PSAP, staff today are answering phone calls and dealing with text messages, not streaming NetFlix.

Every deployment is unique. The bottom line is make sure that your solution is engineered. Make the vendor/consultant look at your historical usage, make them show you the numbers and don’t fall for the ‘more bandwidth is better’ sales pitch.

Today, increasing the bandwidth on an IP circuit, if you need to do that in the future,  can often be performed by a simple software command. This should allow for increased bandwidth, as needed, as we introduce broadband based services into the PSAP ecosystem.

 

 

 

ESInet as a Service (EaaS)

There is a desire by numerous groups and agencies (NENA, APCO, FCC, DHS, DOT to name a few) that, as a nation, we transition as  quickly as possible to NextGen 9-1-1 technologies.

FCC

Recently, my team and I spent the day here in Palm Beach County with Alan Benway, Executive Director of Product Management for AT&T ESInet and Mike Nelson, VP and Sr Technical Officer for West Safety Services (formerly Intrado).  West pioneered the Field of Dreams concept for ESInets- “build it and they will come.”

Press Release

After receiving an in-depth technical dive into the offering,  I believe that the West/ AT&T  ESInet as a Service (EaaS) offering, rather than a RFP based- build a dedicated system model- will gain tremendous momentum. It simplifies an extremely complex aspect of  moving to NG9-1-1. West has other Partners reselling their current two node offering (e.g. Motorola and CenturyLink), but AT&T is investing millions in buildout, adding nodes and aggregation points across the US.

I believe that this partnership will inspire others to provide a similar EaaS product offering. Now, if we can encourage State level funding, we can get some serious traction.

Simply plug in..