https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

Digital-supply-chain challenge to cities and counties: Another cyber minefield to navigate

Digital-supply-chain challenge to cities and counties: Another cyber minefield to navigate

  • Written by Dr. Alan R. Shark / American City & County
  • 16th September 2021

As cities and counties have steadfastly turned to managed service providers for enhanced improvements and security for their networks, a new type of cyberthreat has emerged to greatly undermine trust. The irony here is that many turned to managed service providers who promised greater cybersecurity and hardened system protections. Perhaps managed services sounded too good to be completely true, as cities and counties looked to their providers for more secure solutions in better managing and protecting their networks from cyber intrusions. A rash of incidents in mid-2021 helped to undercut all such blanket assurances and promises. Supply-chain hacks are not new, but-—ike all cybercrime they—have become more pernicious.

The Colonial Pipeline hack is a prime example of a “traditional” supply-chain hack, when a ransomware attack caused one of the largest oil-supply pipelines to cease operation for less than a week, leading to gas outages, shortages and higher prices. Most thought of supply-chain issues as something completely focused on getting parts and materials to suppliers in the most expeditious manner possible. In addition, the pandemic highlighted supply-chain issues regarding shortages in furniture availability, due to shortages of lumber and foam. Cars, trucks, boats and even appliances had to cut their production lines because of shortages in essential computer chips.

Physical or traditional supply-chain issues can certainly be disruptive, but so can digital-supply-chain issues. As reported, what is now being referred to as digital-supply-chain attacks have proven to be particularly worrisome. When a cyber services company or managed service provider’s customer downloads an update, it was once rightful to assume the update had been fully vetted, etc.

Until recently, few saw how supply hacks could occur in the cybersecurity environment; then the cyberthreat landscape presented no less than three digital-supply-chain hacks. Threat actors had successfully compromised the technology supply chains and were able to obtain access into their target’s customer base, providing them unprecedented access to thousands of unsuspecting customers. This led to large-scale attacks on governments and enterprises, impacting small and large businesses, local governments and hospitals. The SolarWinds, CodeCov and Kaseya attacks are prime examples. Threat actors were able to gain entrance to these company’s ecosystems through unknown vulnerabilities and backdoor supplier support chains.

SolarWinds is a major cybersecurity company that provides system management tools for network and infrastructure monitoring offering technical services to hundreds of organizations around the world through its Orion software product. More than 30,000 public and private organizations—including local, state and federal agencies—use the Orion network management system to manage their IT resources. Threat actors were able to infiltrate at least nine U.S. agencies and about 100 companies, plus hundreds of electric utilities in North America. The hack compromised the data, networks and systems of thousands, as SolarWinds inadvertently delivered malware as a “routine” update to the Orion software.

To read the complete article, visit American City & County.

 

Tags: Applications Companies Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Incident Command/Situational Awareness News Public Safety Security Software State & Local Government System Installation System Operation Tracking, Monitoring & Control Training Partner content

Most Recent


  • FirstNet PTT technical progress highlighted by AT&T at APCO 2022
    FirstNet PTT—the mission-critical-push-to-talk (MCPTT) service launched in 2020—continues to evolve with the development of much-anticipated features like LMR interoperability and broadcast technology that will support one-to-many calls, an AT&T official said during a presentation at the recent APCO 2022 event in Anaheim, Calif. FirstNet users can use numerous different push-to-talk (PTT) applications that leverage the […]
  • Digital-supply-chain challenge to cities and counties: Another cyber minefield to navigate
    Newscan: D.C. appeals court upholds FCC decision to share 5.9 GHz V2V spectrum with Wi-Fi
    Web Roundup Items from other news organizations D.C. appeals court upholds FCC decision to share 5.9 GHz V2V spectrum with Wi-Fi Auto industry lost its spectrum fight with FCC because V2V was always a fantasy FCC, FEMA raise alarm bells about vulnerabilities in Emergency Alert System Gigi Sohn’s backers dismiss call for different FCC nominee […]
  • Cisco confirms data breach, hacked files leaked
    Cisco has confirmed a breach of its network, where the attacker used voice phishing to convince an employee to accept a malicious multifactor authentication (MFA) push. The breach resulted in cyberattackers gaining access to the company’s virtual private network (VPN) and the theft of an unspecified number of files from its network, the company stated […]
  • Researchers developing health-monitoring e-tattoo
    Stories of people embedding digital devices into their bodies are becoming increasingly common; with these digital implants capable of everything from aiding mobility to paying for products, unlocking doors and storing data. A team of researchers from the Korea Advanced Institute of Science and Technology have taken a similar concept and applied it to the […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • White House Cybersecurity Summit: A missed opportunity
  • IoT cyberattacks escalate in 2021, according to Kaspersky
  • OMIGOD: Azure users warned of critical OMI vulnerabilities
  • ESChat: Josh Lober highlights interop capabilities, Siyata integration for IWCE

Commentary


LTE and liability: Why the fire service must move forward with digital incident command

  • 2
6th May 2022

Partnership and collaboration must be the foundation for emergency communications

18th April 2022

FirstNet success means no hypothetical ‘shots’ need to be fired, Swenson says

22nd February 2022
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

FirstNet PTT technical progress highlighted by AT&T at APCO 2022 dlvr.it/SWZtNJ

13th August 2022
UrgentComm

Newscan: D.C. appeals court upholds FCC decision to share 5.9 GHz V2V spectrum with Wi-Fi dlvr.it/SWZQpx

13th August 2022
UrgentComm

Cisco confirms data breach, hacked files leaked dlvr.it/SWV8l9

12th August 2022
UrgentComm

Researchers developing health-monitoring e-tattoo dlvr.it/SWV749

12th August 2022
UrgentComm

Partnership launches no-cost wastewater monitoring service for local governments dlvr.it/SWV5PK

12th August 2022
UrgentComm

Verizon Frontline demos connectivity and emergency response to chemical spill drill dlvr.it/SWV4cg

12th August 2022
UrgentComm

Research claims driverless tech still too easy to trick dlvr.it/SWMDts

10th August 2022
UrgentComm

Coalition expresses urgent need to NG911 funding, wants more than proposed $10 billion dlvr.it/SWL5VW

9th August 2022

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X