How EMS computers are vulnerable to cyber attacks
Turning a blind eye to cyber threats puts first responders and civilians at risk; here are two ways to stave it off.
By John Facella, P.E., C. Eng.
With so many other things to worry about, why should a fire or EMS agency worry about cybersecurity? Because there exists all kinds of software programs that intend to get onto your computer without you knowing it.
Malware consist of viruses, worms and many other types of insidious and evil programs. Depending on the perpetrator, they can have multiple purposes, including hijacking your computer's files and demanding a ransom to copying your keystrokes to obtain your passwords.
Fire, EMS and law enforcement agencies all have sensitive information on their computer networks, that if compromised would create massive problems. If employee information is compromised, it would let bad actors obtain access to their personal financial accounts, or otherwise harass public-safety employees, compromising the agency's mission.
If malware shuts down a 9-1-1 PSAP, it would prevent residents from having their calls for service answered — exacerbating injury, death and property damage.
Advanced persistent threats
This problem isn't going away. The worst threat, the so-called advanced persistent threat, means hackers never go away, and states and many public safety agencies can expect to be targeted.
These bad actors keep trying to penetrate networks, day in and day out.
Unfortunately, the traditional "defense in depth" measures of firewalls, antivirus software and other means, while still necessary, are no longer enough.
Security firm Mandiant has discovered that the median time before such an attacker is detected in a target's IT system is 243 days, and 100 percent of the breaches were made using stolen credentials of authorized personnel.
There are two solutions that you should consider:
- Employee training
- Improved IT practices
EMS personnel training
Employee training should encompass using difficult to guess passwords and periodically changing passwords, denying access to computers by unauthorized persons, reporting any problems and not loading unauthorized software on a work desktop computer, tablet or smartphone.
Tell employees Wi-Fi hotspots can compromise their computer and your network without their knowing it.
But you don't have to start from scratch. There exists useful information on employee training. NIST has a basic guide.
IT practices controls
Improved information technology practices include backing up major file servers periodically, and storing the information off site. While this is tedious, it is a necessity in today's world where most information is stored digitally.
Not only hackers, but storms like Hurricanes Sandy or Katrina that can wipe out your computer systems such that you lose years of work and records. Good IT practices can start with the SANS Top 20 Security Controls.
It has been proven that the simpler attacks can be thwarted by some basic IT measures.
Cybersecurity is another facet of the new normal that fire, EMS, and law enforcement agencies must do something about. With the FirstNet national public safety broadband network coming to public safety, agencies will have to adopt security practices that they may not be doing today, so starting now is wise from many points of view.
About the author
John Facella is a senior vice president of RCC Consultants Inc. He has over 30 years in the public safety wireless industry. He is a member of the International Association of Chiefs of Police Communications Committee, the International Association of Fire Chiefs Communications Committee, the NPSTC Broadband EMS Working Group, and the National Fire Protection Association 1221 and 1802 committees. He also has 30 years of experience as a part-time firefighter and EMT.