As state and local law enforcement agencies and public safety organizations continue to implement FirstNet, a dedicated nationwide wireless broadband network for first responders, federal agencies like the Cybersecurity and Infrastructure Security Agency are warning about the possibility of malware being injected into the information sharing process.
While testifying at a House Homeland Security Committee meeting on emergency communications, Billy Bob Brown Jr., executive assistant director for emergency communications at CISA, told legislators that in the fast-moving aftermath of an emergency a vast disparate network of public and private actors must quickly share information, including documents, images or texts.
CISA, the National Telecommunications and Information Administration, public safety organizations and non-profits as well as contractors like AT&T (who manages FirstNet) must all contend with the possibility: that a bad actor could exploit the frenzied rush to share information in the midst of an emergency or natural disaster to inject malicious software intro the broader emergency communications ecosystem.
“If malware is introduced from the beginning in an image, in a video, in a text to a 911 center, it has the possibility and potential of providing that malware to those interconnected government systems,” Brown told legislators.
Brown said the agency has already engaged more than a dozen states to discuss the issue, as well as how broader threat like ransomware could be used to disrupt emergency communications services.
“Here at CISA we’ve been discussing this issue … beginning a process of sharing the concerns of cybersecurity public safety answering points across the nation,” said Brown. “We have had several discussions with more than 15 states about challenges presented by cybersecurity, including ransomware, as we prepare for the next gen 911 introduction.”
Still, even as leaders have touted how closely they are coordinating on cybersecurity, concerns about potential vulnerabilities and the ability of bad actors to disrupt the nation’s emergency communications persist, both in Congress and federal watchdogs.
In August, an inspector general audit found that the Department of Commerce’s oversight of the National Public Safety Broadband Network — which includes FirstNet — “continues to be a challenge,” despite widespread recognition that the network is a frequent target of malicious hackers.
“The FirstNet security scorecard has seen only marginal improvement since a year ago,” auditors noted. “The Department must provide adequate oversight to ensure the safety, security, and resiliency of the network through effective cybersecurity.”
More than 18,500 agencies and 2.8 million public safety connections are using FirstNet across the country, according to Edward Parkinson, CEO of the First Responder Network Authority at NTIA. Those connections are overseen in part by network and security operations centers that operate around the clock.
Parkinson claimed FirstNet was unique as one of the only networks in the country that is new enough to have been developed with cybersecurity in mind. However, the upcoming transition to 5G telecommunications infrastructure will likely present some fresh security challenges.
“When you look at the end user, we’re going to really have to be very cognizant of this in a 5G ecosystem as the network gets pushed to the edge and as device security becomes another important part of that,” said Parkinson.