911 cybersecurity: Whose job is it?
One of the most important things a public safety answering point can do to ensure its own cybersecurity is understand its vulnerabilities and risk points, said Jeremy Willingham of TeleCommunication Systems at a National Emergency Number Association session on cybersecurity.
Willingham began his talk by surveying the session attendees to see which of them was responsible for cybersecurity in their organizations. Only a small handful responded that cybersecurity was in their direct purview. From that vantage point, Willingham shared some horror hacking stories and best practices accumulated during his more than 20 years working in cybersecurity.
One of the most critical things to keep in mind about cybersecurity is that the face of the hacker has changed, Willingham said. Originally, the term “hacker” just meant someone that could get into a system and make changes, but–over time–the term has become used to describe criminal behavior leveraging this capability. Moreover, the goal and the methodology of a would-be hacker–the "adversary," as Willingham called him–-has altered with changing technology.
Now, hackers include “hacktivists,” who tend to have an ideological goal when breaking into a system, such as a group that breached the system of a Virginia law firm and exposed some unscrupulous correspondence from the members of the firm. Findings from the breach called into question whether some of the attorneys would lose their licenses to practice law in Virginia, ultimately forcing the firm to close down.
There is also the cyber criminal, who may breach a system and demand a ransom for the information or to get the system back up. This is something that most PSAPs cannot afford to have happen, because they cannot have their systems be down for any extended period of time, Willingham explained.
Using a New York law firm as an example, Willingham explained the importance of having a system backed up. In this case, a firm with some very high-powered and well-known clients had its system breached. The perpetrators demanded large sums of money before they would repair the system. Because of the nature of the firm’s work and the information that was breached, it had to pay the money.
Increasingly powerful are the advanced, persistent threats from worldwide hacking groups, most notoriously the group Anonymous.
“The thing to remember is that you never know how or why someone may come after you,” said Willingham.