2020 has seen a surge in cybersecurity attacks – nearly 300 percent. In response to the COVID-19 pandemic, the global workforce saw a dramatic shift to remote work – opening up new targets for potential attack. This year also saw a shift in attack focus towards critical industries impacted by the pandemic, including healthcare and manufacturing. Attacker profiles and motivations continue to evolve to exploit the changing environment, and cybersecurity remains a critical concern for public safety organizations.
As both the leading provider of solutions and cybersecurity services for public safety, Motorola Solutions is uniquely placed to gather and generate deep insights into cyber threats. Toward that end, we’ve developed a detailed report entitled “2020 Cyber Threats to Public Safety: Attack Methods Targeting Emergency Services” highlighting the current state of public safety cybersecurity. This report provides agencies with a baseline of knowledge to more effectively develop a proactive, holistic, risk-based plan steeped in real world insights.
Land Mobile Radio Vulnerable to Attack
Historically, land mobile radio (LMR) has been an isolated technology – with a “set-it-and-forget-it” security mindset. In addition, a low number of reported instances of compromise or targeting have created a false sense of security. However, increasing interconnectivity with the internet and enterprise networks is opening up LMR as a potential security attack surface.
Unlike other public safety cyber attacks, the threat actors looking to compromise the critical availability of LMR communication are often advanced persistent threat (APT) groups or insiders. These individuals are able to discreetly hide in networks and wait until they are able to cause critical system-wide failure. While defensive measures are a start, organizations need to conduct ongoing threat hunting activities in their systems to monitor for malicious actors.
Public Safety Answering Points Continue to Be Key Target
Public Safety Answer Points (PSAPs) continue to be the most common location targeted by malicious actors across the entire public safety ecosystem. PSAP attacks continue to be carried out by financially motivated actors looking to exploit the criticality of these services with 67 percent of reported PSAP attacks involving ransomware. By the end of 2021, ransomware is expected to attack an organization every 11 seconds, and public safety organizations will get more than their fair share. With the potential to completely shut down emergency operations, ransomware attacks remain an urgent threat to public safety agencies.
Records and Evidence Storage As a New Critical Vulnerability
While PSAPs are the most likely public safety target, Records and Evidence (R&E) storage systems are emerging as a critical vulnerability area. Their storage of large amounts of sensitive data makes them an enticing target for threat actors looking to sell or exploit information. This data theft can have drastic and far-reaching consequences, including the disruption of investigations, compromise of informants and even disqualification of evidence in criminal courts. Because these storage systems are often connected to insecure municipal networks, they are more likely to be compromised.
Body-Worn Cameras May Be the Next Target
As body-worn cameras become an increasingly integral part of policing, there is concern over potential exploitations. Security researchers have found vulnerabilities that may be exploited. It’s almost certain that threat actors – including financially motivated extortion groups and hacktivists – will target body-worn cameras to further their causes through the selective leaking of evidence.
Skills Shortage Puts Strain on Resources
With the continued barrage of cyber attacks, public safety organizations are looking for ways to ensure their security. Unfortunately, a continued skills shortage makes it difficult to recruit and retain talent – resulting in an estimated 4 million unfilled cybersecurity jobs worldwide. In addition, many organizations face tightened budgets and limited resources.
Evolving Technologies Open Up New Risks
The public safety toolkit has undergone a dramatic evolution in recent years. Systems are now connected to IP-based networks and to each other, enabling officers to use radios to communicate in the field, PSAPs to receive emergency calls and dispatch units and opening up new avenues including video evidence gathering and storage. While this interconnectivity certainly has widespread benefits, it also opens up new security risks.
At Motorola Solutions, we understand that organizations can’t address every vulnerability. The insights from this report will help to highlight the key areas of risk where public safety organizations should be investing.