Trending Topics

EMS leaders should expect, prepare for cyberattack

Many EMS agencies and other public safety organizations have significant exposed risks that can lead to cyberattack data breaches and infrastructure damage


Protection of patient data, account credentials and hardware access is the responsibility of everyone in an EMS organization.

Photo/Greg Friese

BOCA RATON, Fla. — EMS agencies, other public safety organizations and hospitals are vulnerable targets for cyberattacks. Cybersecurity risks and strategies to reduce an EMS agency’s risk were presented to Pinnacle EMS conference attendees.

Frank Gresh, MS, chief information officer, Emergency Medical Services Authority, presented the potential exposures of EMS, as well as other public safety entities, to cyberattack. Software data, like patient care records, and hardware, like 911 call centers, are potential targets for hacking. Infrastructure reliant on outdated technology is especially vulnerable to terrorists or hackers who could overwhelm the system, preventing 911 telecommunicators from answering or dispatching actual emergency calls.

Memorable quotes on cyberattacks against EMS

Here are memorable quotes from Gresh’s presentation.

“Every day, every second of the time there is some attempt being made to compromise access or get into a system – not necessarily against EMS – but there are always threats being made.”

“It’s not just IT’s job to think about information security. It’s everybody’s job to keep your (organization’s) information secure.”

“It is absolutely OK to seek outside assistance to shore up information security in your organization. Ask for help.”

Top takeaways on EMS cybersecurity risks

Here are three top takeaways on EMS cybersecurity risks from Gresh’s presentation.

1. Everyone is responsible for cybersecurity

Protection of patient data, account credentials and hardware access is the responsibility of everyone in an EMS organization. As Gresh outlined the risks and vulnerabilities, it’s clear that the IT experts need the cooperation and compliance of all EMS personnel to protect the organization from cyberattack.

Gresh encouraged every EMS agency to provide more training to personnel on recognizing threats and avoiding attacks. He shared an example of an email phishing attack targeting the agency’s CFO and CEO.

2. Cyberattack risk is constant

Gresh showed a real-time map of cyberattacks to illustrate that cyberattacks are constantly happening, 24/7. There are many routes or attack vectors, including:

  • Hijacking of personal credentials for a secure website
  • Email phishing schemes with nefarious attachments or links
  • Downloading malware or unwanted programs
  • Intrusions or exploits to the organization’s firewall
  • Denial of service attacks

Many of the attack vectors are dependent on socially-engineered content to entice an email recipient or website visitor to click on a link, download an attachment, unzip a file or launch a new program. An emerging trend is social engineering telephone calls from the attacker directing their email phishing target on how to bypass security controls and run macros to launch malware.

3. Identify and prioritize cyberattack targets

Cyberattacks target more than patient or employee data. Hackers were able to activate 156 emergency sirens in Dallas.

Gresh encouraged attendees to broadly consider the risks, and then prioritize actions to physically and electronically protect data and hardware assets. EMSA was able to move its data center into a hardened bunker to protect it from physical risks like flooding, tornadoes and earthquakes.

He also explained that it’s OK to balance highest value targets with the easier-to-mitigate targets. EMS leaders were encouraged to complete some simple protection steps – like educating personnel about email phishing schemes – while also working toward better protection of high-value targets.

Learn more about cybersecurity

Learn more about cyberattacks, protection and practices from these EMS1 and Police1 articles.

Greg Friese, MS, NRP, is the Lexipol Editorial Director, leading the efforts of the editorial team on Police1, FireRescue1, Corrections1 and EMS1. Greg served as the EMS1 editor-in-chief for five years. He has a bachelor’s degree from the University of Wisconsin-Madison and a master’s degree from the University of Idaho. He is an educator, author, national registry paramedic since 2005, and a long-distance runner. Greg was a 2010 recipient of the EMS 10 Award for innovation. He is also a three-time Jesse H. Neal award winner, the most prestigious award in specialized journalism, and the 2018 and 2020 Eddie Award winner for best Column/Blog. Connect with Greg on LinkedIn.