Since the initiative to upgrade 911 systems to NG9-1-1, it’s become abundantly clear that securing the next generation of 911 and PSAPs (Public Safety Answering Points) across the country is no longer a mere IT challenge.
Next Generation 911 implementation will require strategic planning involving emergency response personnel, handling processes, and technology, shifting from an analog to a fully digital operating environment. As 911 call center technologies evolve nationwide, the need for NG911 cybersecurity has never been more essential.
In this blog, our Next Generation 911 providers and experts at NGA will cover:
PSAPs received 911 calls over analog telephone networks with traditional emergency response systems, including copper wire transmission lines and outdated cellular networks that spanned small areas close to call centers.
NG911 and digital telephone network solutions have allowed for a mass interconnection of internet systems. While this interconnection makes communication between 911 callers, dispatchers, and first responders more streamlined, it also leaves the chances open for would-be cyber attacks.
While digital networks are essential for faster and more reliable emergency response, the need for airtight cybersecurity and employee awareness of potential threats is also crucial.
Over the past several years, various attacks have impacted local government agencies such as emergency dispatcher call centers, police stations, and first responder organizations. About half of these attacks have been focused on public safety agencies.
Many recent cybersecurity attacks have targeted citizens when providing sensitive data in an emergency. Attacks such as these involve attackers trying to trick victims via telephone calls or emails as a way for the attacker to introduce viruses into the network.
The bottom line: It is a cyber criminal's primary goal to use multimedia and social sharing techniques to achieve a more severe attack in the form of ransomware.
Ransomware is a malicious software known as malware that prevents access to sensitive files. These sensitive files include data and computer systems using encryption that can only be accessed and unlocked by the attacker.
When a ransomware attack occurs, the victim must pay a certain sum of money, typically in an untraceable cryptocurrency, to the cyber attacker, who promises to decrypt the data once they receive the money.
A closer look into cyberattacker motivations can help emergency response organizations and personnel understand, and mitigate, these threats to 911 systems.
Below are a few primary reasons why cybercriminals may target Next Generation 911 and PSAPs:
Disruption of services: interrupting vital services can put threat actors in the public eye while playing a significant role in multiple cyber attacks.
Financial gain: Infecting 911 systems and PSAPs with ransomware can lead to significant payouts for cyberattackers to restore emergency response services.
Cheap thrills: Occasionally, cyber attackers will target critical services purely for social standing or other notoriety purposes.
No matter the motivation, the outcome of a 911 system attack is usually the same: an interruption of emergency response services that are essential for protecting families and communities.
As cyber attacks target PSAPs and first responder teams continue to increase, addressing these threats through airtight NG911 cybersecurity and personnel training are excellent first steps to mitigate cyber risks.
Below are several steps any emergency response organization can take to assess and mitigate cybersecurity threats.
One of the first steps to successfully mitigating 911 system attacks is to boost employee education with cybersecurity awareness training. These security training efforts should be ongoing and followed by more targeted, critical role department education such as call center dispatchers, managers, and other personnel with access to sensitive data.
Security training efforts should range from correctly identifying a phishing email to responding to ransomware payment demands and verifying the identities of external callers asking for sensitive information.
Most NG911 cybersecurity training programs recommend PSAPs to continue this training at least once a year, with the content reviewed semi-annually to ensure accuracy and relevance.
A major component of protecting your emergency response organization is securing physical building access and access to any information or computer systems you use. Most 911 agencies have multiple external and internal users, such as cleaning companies and vendors who come into contact with physical PSAP offices and other locations.
Because of this, physical access to locations increases the risk of unauthorized access and possible theft of sensitive information that can lead to cybersecurity attacks.
To help ensure PSAP locations are properly secured, consider electronic badge access or a key access code. Public safety agencies and first responder organizations should train their personnel on physical access protocols and how to look out for possible attacks.
Aside from 911 system security training and employee verification access, PSAPs and other emergency response agencies should implement security services and their Next Generation 911 infrastructure.
NG911 cybersecurity solutions are designed following NENA standards, which means that these services specialize in security best practices.
Next Generation 911 security standards involve having technology, software, and protocols created to protect emergency callers and first responders.
Next Generation 911 is an emergency response infrastructure designed for innovation and adaptability. Our NG911 providers and experts at NGA believe in providing reliable NG911 solutions that offer airtight system security.
The system utilizes IP and cloud-based internet networks, connections, and firewalls to help make communication and the sharing of sensitive information more secure.
Do you wish to know more about NG 911 cybersecurity? Our experts are here to help!