As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their mission-critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week, there is a new critical alert that requires the mission-critical community’s immediate attention.

As part of our ongoing effort to keep our clients informed about the latest cybersecurity threats, we issue advisories whenever new threats are detected. If you would like to receive such advisories in the future, update your preferences here. 

In a recent post, I touched upon some of the novel ways that the public safety community has responded to the COVID-19 pandemic. In this post I’ll explore some of the most important lessons that have been learned.

First and foremost, all public safety agencies need continuity-of-operations (COOP) and disaster-recovery (DR) plans. We have roughly 150 subject-matter experts, and as they travel the country supporting clients, they often discover the complete lack of such plans and/or they come to realize that they haven’t been updated for quite some time. This always amazes me. Every agency should have such plans. As Benjamin Franklin said, “by failing to prepare, you are preparing to fail.” While the pandemic has brought this need into sharp focus, there are many events—tornados, floods, earthquakes, wildfires, hurricanes, hazmat incidents—that could render an emergency communications center inoperable, inaccessible or uninhabitable.

MCP’s NetInform solution leverages a variety of tools that enable our subject-matter experts to assess our clients’ communications network security postures. That assessment includes looking for vulnerabilities that could allow a bad actor to gain access to the network and then navigate through it, seeking opportunities to perform cyberattacks. Typically, a lot of vulnerabilities exist, and they’re not always easy to see. It can be something as simple as a network port being left open by a service technician after the work is done, or a former employee’s account is still active long after they left. This is problematic because numerous, easy-to-use scanning programs are readily available to hackers that enable them to probe an organization’s network to discover every open port, i.e., breach point, and attempt access.

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their mission-critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week, there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Summary

Hacking groups still are exploiting the COVID-19 pandemic as an opportunity to perform cyberattacks. The United States’ Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert regarding the threats. To combat these threats, their recommendations are focused on user training and good cyber hygiene. A comprehensive list of recommendations to mitigate the risk can be found on the CISA website.