The Public Safety Threat Alliance (PSTA) recently published a report that details the top cyber threats facing public safety answering points (PSAPs) and computer-aided dispatch (CAD) systems. The Public Safety Product Report: Cyber Threats to PSAPs and CAD System also details how these types of attacks can impact law enforcement, fire departments and other public safety agencies. The full report is available to members of the PSTA.
Ransomware and TDoS Top List of Cyber Threats
As cyber-attacks evolved from manual to automated they became the most significant threat and disruption to public safety agencies in the United States and globally. Ransomware has been the most commonly observed threat to public safety since January 2022. Thus far, it has primarily impacted CAD networks and made up 67 percent of cyber attacks to public safety, according to the study.
The second largest cyber threat to public safety has been telephony denial of service (TDoS) attacks which primarily impacted PSAPs. TDoS attacks make a system unavailable and prevent legitimate calls, which can further endanger those in a 911 emergency.
Cyber Crime Motivation
Among extortion syndicates, TDoS attacks have increased in popularity, possibly due to the low effort they require. These attacks are especially appealing to less-sophisticated malicious actors because they have a significantly low barrier to entry. These attacks can be made from any phone, regardless of whether it has a SIM card, since they still allow emergency calls. Threat actors target PSAPs with TDoS attacks upwards of twelve times daily, although this number is believed to be underreported.
All cyber attacks are financially motivated and opportunistic, meaning threat actors seek the largest payout for the smallest amount of effort. While CAD systems are targeted the most due to larger payouts, PSAPs are at risk because of their vulnerability. PSAPs sit at an intersection of networks and systems and can be impacted by attacks on networks they have no control over.
As we discussed in our previous blog, cybercriminals were the number one threat to public safety agencies in 2022. With the rise of cybercrime, public safety agencies must make plans to prevent and minimize attacks.
Prepare Your Agency for Cyber Crime
Agencies can lessen the impact of TDoS attacks by forming partnerships with neighboring call centers so that calls can be re-routed in the event of an attack. Agencies should also create cyber response plans and prepare their networks before an attack. The full report includes additional recommendations.
The PSTA is an information sharing and analysis organization (ISAO) established by Motorola Solutions that is recognized by the Cybersecurity and Infrastructure Security Agency (CISA). The PSTA regularly publishes research, which is shared with members, such as recent insights on Snake malware. It also hosts regular webinars featuring our cybersecurity analysts and other experts. In addition, the PSTA provides threat intelligence for member public sector organizations at no cost.
Learn how your agency can start preventing TDoS attacks and prepare for other cybercrime in this report and others like it by joining the PSTA now.
