Computer and cybersecurity nerds across the internet are marveling at last week’s report of a record-breaking distributed denial of service (DDoS) attack aimed at a software development website called GitHub that caused intermittent access outages.
For those unfamiliar with DDoS attacks, they are intended to block public access to an online service by flooding it with junk data or repeated requests from multiple, and often compromising sources, thereby rendering legitimate access impossible. DDoS attacks are increasing in quantity, breadth, and sophistication. Some attacks have gone as far as demanding a ransom to terminate the attack.
Cyber attacks are on the rise, and public safety MUST protect against them
As we talk with our public safety communications clients about implementing a statewide emergency services IP network (ESInet) and / or Next Generation Core Services (NGCS), we cannot stress enough that protecting these Internet Protocol (IP)-based, broadband-enabled networks is paramount. Government DDoS attacks have already caused many detrimental and unforeseeable effects on emergency response. Recently, the Multi-State Information Sharing and Analysis Center (MS-ISAC) released their 2018 SLTT Government Outlook which, not surprisingly, highlighted its position that the “sophistication of malware, cyber threat actors, and tactics, techniques, and procedures (TTPs) will continue to increase.”
The MS-ISAC’s Outlook also pointed out that government agencies experience “reciprocal effects” from non-government targeted DDoS attacks. This is exactly what occurred in Palm Beach County, Florida in late 2014 with the 911 enterprise. Upset with the creation of homeless ordinances by the city of Fort Lauderdale, the hacker collectively known as Anonymous carried out its threats to implement a DDoS attack for the city’s online presences. By doing so, as Chuck Spalding, Next Generation 911 Director for Palm Beach County, FL pointed out in a 2016 National 911 Program webinar, connectivity to three of their 18 public safety answering points (PSAPs) were overwhelmed with DDoS traffic.
How do we protect our 911 infrastructure from attacks?
Clearly 911 is not immune to these attacks regardless of whether they are primary target or just “collateral damage” as illustrated by Chuck Spalding during the webinar. So, what can be done to protect our Next Generation 911 (NG911) networks and systems from targeted attacks? The first step is an assessment of risk to the enterprise that includes answers to questions such as:
- What vulnerabilities exist within the NG911 network and system and how can those known vulnerabilities be exploited?
- What is the worst-case scenario?
- Are industry standards and best practices for cybersecurity being followed?
- Could an incident, such as DDoS, malware/ransomware outbreak, etc., be stopped if and/or when it occurs?
- What is the response time to detect, respond, and mitigate/resolve an attack or outbreak?
- Are the specific technical and communications skills possessed to deal with a cyber incident?
A powerful tactic: upfront planning and awarenessThis recent DDoS attack demonstrates the power of upfront planning and awareness. GitHub’s attack lasted less than 10 minutes because their systems quickly and automatically identified the situation and summoned support from their DDoS mitigation service. As the specifications for NG911 networks and systems are developed, implemented and maintained, experts from Mission Critical Partners are keenly aware of the need to prevent against DDoS attacks and other cyber incidents. We do this by designing requirements specifically intended to prevent and mitigate cyberattacks, ensuring that designs not only meet but exceed industry standards. We work alongside our partners to test systems during implementation and to maintain a careful watch as part of a comprehensive network and security monitoring operation.
This is an important time in the nation’s transition to NG911 and Mission Critical Partners is working across the U.S. to make that transformation a reality. #LetsEvolve911