Usually when I'm researching public safety technology, I get really excited. As new platforms and products are rolled out, I start to have wonderful day dreams about how public safety telecommunications work will continue to evolve. No longer will we be using outdated analog systems without ability for mapping, geo-locating or interfacing with other departments. And not just other law enforcement, but fire, EMS, streets, utility and animal control. Long gone will be the days of paper cards and pencils. Now before you start reminding me that even if these things exist in the private realm that in no way means that public agencies will have access to the funds to outfit their Comm Center with the latest and greatest stop and remember this is my dream. I also recognize that even if Comm centers had these things, we'd still be struggling to put qualified 911 Dispatchers in the ergonomic, heated, massage chair in front of them. Again, I'm dreaming. While I was scrolling through the latest and greatest from companies hiring the next generation of technological geniuses, an article on cyber-security for Emergency Communications systems popped up. Once I read it and as the horror set in, I continued down that rabbit hole.
Swatting
Most people working in public safety have heard of the phenomenon of swatting. Although this isn't technically a technical thing, it is utilizing 911 services in a false manner with potentially deadly outcomes. In fact a 2017 swatting call resulted in the police shooting death of the swatting victim. In case you don't know swatting involves someone calling 911 and reporting a fake incident at the victim's home. Usually this incident is an extremely violent and volatile incident such as a domestic violence with a weapon or a suicidal subject. Police respond according to the information in the call. The issue is the call is not real and the person being converged upon by the SWAT team (hence the term swatting) has no idea what is going on. For a period of time, many of these calls involved celebrities. A recent incident involved a 16 year old Fortnite World Cup champion as the victim. Thankfully, one of the officers recognized the teen from the championship. These calls put everyone in danger and I'm sure if I were the operator who received the call, I would be racking my brain as to how I could decipher the prank at the time of the call. I'm sure I wouldn't come up with anything because these hard working 911 Dispatchers would have no idea it was a prank. This is just another way to heap stress on these already stressed out public safety professionals.
Ransomware Attacks
It is reported that during 2017/2018 there were 184 cyberattacks on a local government or public safety agency. 42 of these were against 911 centers and 24 were ransomware attacks. What happens is a hacker gets into a system, such as Computer Aided Dispatch (CAD), shuts it down locking actual users out then requests something from the agency like money, usually in bitcoin. In 2016, Henry County (TN) was the victim of such an attack. They didn't pay, but it took their IT department three days to rebuild their system. During the interim, 911 Dispatchers conducted business as usual using paper cards and pencils. So much for modern conveniences. Thank goodness for the tried and true. Hackers have yet to figure out how to infiltrate those cards.
Denial of Service
Another form of cyberattack is when a spam link is sent to cell phones which make them call 911 over and over. All the bogus calls jam up the system preventing legitimate callers from getting the help they need. Again in 2016, an 18 year old hacker distributed a computer bug on Twitter that overwhelmed 911 centers in 12 states. There have been 40 incidents of these spam links and denial of services over the last three years.
As I'm reading about these issues all I can do is wonder why. Why would anyone want to knock out emergency life-saving services for their community, or any community? What would compel someone, especially a bright, young person to do this? One of the answers is it's a form of protest. During the chaos in Baltimore after Freddie Gray's death, the city's website was knocked out by hackers who were threatening to target the government's computer systems, specifically police databases as well. The same thing happened in Ferguson (MO). The hackers stated their reasoning was they sympathized with the protesters.
The light at the end of the proverbial tunnel is that as new systems come online, particularly Next Generation 911, they will come with more robust cyber-security built right in. As outdated systems are more vulnerable to attack, any upgrades to emergency communication systems will make things more secure. As locator technology becomes more advanced, false calls will be identified by the origin. The big caveat is that technological geniuses will continue to exist and ones who don't mind potentially causing loss of life will work to find new ways to release an attack. I just hope that our cyber-security folks and public safety pro-technological gurus will be able to stay one step ahead of them. Let's go IT guys. We're relying on you.
