T M

RadioResource

C O M M U N I C A T I O N S

September-October 2018 MCCmag.com

SPECS SURVEY: Mics and Mobile Radio Antennas WHAT’S NEW: Digital Radio

TETRA Radio Serviceand Maintenance

Emergency CommunicationsDuring California Wildfires

Inside

Cybersecurityin Public-Safety

Communications

14 September-October 2018 MissionCritical Communications www.MCCmag.com

Cybersecurity in Public-Safety Communications

WWhile the topic of cybersecurity forpublic-safety communications systemsis popular with the industry press andconference presentations, agencies aretaking little protective action. The pre-dominant attitude among stakeholdersis that cybersecurity is something toaddress in the future; unfortunately,that future is now. There is a gaping disconnectbetween the awareness of the potentialproblems that cyberattacks can causeand the relatively little action beingtaken to prevent them. Understandingwhat caused this significant gap is acomplex question with several criticalcomponents. One problem appears to be over-confidence in the security of existingsystems. The industry has operatedsophisticated technology-driven sys-tems for years with an excellent recordof avoiding cyberattacks. The trunkedradio and E9-1-1 systems that create

the core of public-safety communica-tions used cutting-edge technologywhen they were first developed. If anyenvironment could have been an earlyand easy target for hacking, it wouldhave been these systems. However, theway the systems were built and con-nected, the cost of computing power,and the relative immaturity of thehacker environment protected them. Only recently have significantissues started to arise. Some problemscan be attributed to the greater activityof hackers looking to exploit vulnera-ble systems of all types for profit ornotoriety. However, the majority isattributable to the fact that currenttechnology systems are more suscepti-ble to cyberattacks. Almost every facet of the criticalpublic-safety communications systemhas changed, and almost all of thechanges have opened the systems tocyberattacks. From the hardware and

software on which networks operate tothe interconnection of networks to thegreater dependence on sharedresources, systems are no longer capa-ble of avoiding cyberattacks. In an environment where the statusquo is perceived as “good enough,”action will only be taken when deci-sion-makers understand the importanceof taking cybersecurity seriously andacting immediately. This requiresunderstanding how each change hasweakened the overall structure of oncenearly impenetrable systems. The sys-tems have changed in three basic areas: n Legacy systems were built onproprietary hardware and software, buttoday’s systems are built on open stan-dard hardware and software. n Legacy systems were connectedwith point-to-point links (RS-232/485and/or T-1 links), carrying mostly pro-prietary protocols. Current systems arealmost exclusively designed around

Changing communications technology requires public safety to be constantly vigilant when it comes to cybersecurity issues. By Neil Horden

www.MCCmag.com MissionCritical Communications September-October 2018 15

Ethernet connections using open trans-mission control protocol/IP (TCP/IP). n Legacy systems operated on pri-marily closed networks, but systemsnow are more open and interconnected.

Future systems will continue toevolve in the direction of standardiza-tion and openness, further increasingthese risks.

Standardized Operating Platform Risks Past-generation radio systems hadrelatively few computing and softwarecomponents. When trunking wasintroduced, it was primarily based onproprietary hardware systems runningproprietary operating systems. Anadversary would have to design anattack for the specific system, which isseldom seen. The level of effort wouldbe quite high and the potential returnquite low, giving these systems a near-zero risk of cyberattack. As systems have evolved, so has thecomputing industry. While proprietary

hardware and software were requiredin the past, the power and flexibility ofnew computing platforms provides abetter solution with significant bene-fits. Standardized hardware providesgreater levels of processing power atreduced costs. Additionally, standardi-zation brings a wealth of developmenttools, greatly reducing the effort todesign a complex system. Current generation systems arealmost entirely based on industry-standard computing platforms. Thecombination of standardized operatingsystems and software, combined withstandardized hardware, is the norm foralmost all computing systems. Theadvantages of this architecture are sig-

nificant, from the availability of greaterlevels of data processing power atlower costs to access to a rich set ofdevelopment and testing tools. Theenhancements in reliability and redun-dancy cannot be understated. Even thecurrent migration to virtualized plat-forms, with its many benefits, isbecause of the use of industry-stan-dardized operating system platforms. However, along with the benefitscome a large number of potentialhacking risks. As systems becomestandardized, the number of systemssusceptible to the same type of attack— often called an attack vector —increases, not only allowing an adver-sary to design an attack usable on a

Even though cybersecurity is often considered a component of each system, to be truly effective, it must be considered comprehensively and coherently across all systems.

16 September-October 2018 MissionCritical Communications www.MCCmag.com

large number of systems, but an attackdesigned for another system could beinadvertently or purposely releasedonto your system. People using USBdrives infected from other systemsand technicians connecting infectedlaptop computers caused some of thefirst cybersecurity issues encounteredin public-safety systems. Unfortunately, with this migration,essentially every attack vector that anycomputing platform can experiencebecomes a threat. As public-safety sys-tems come to have more in commonwith the rest of the consumer and com-mercial computing world, they alsobecome susceptible to the many cyber-attack vectors targeting those systems.This issue increases the risks twoways. Systems become susceptible tothe broad-based attacks targeting stan-dardized platforms, and hacker toolsare readily available to adversaries,making targeted attacks on public-safety systems a significant risk. Thoseresponsible for these systems shouldnot underestimate the broad availabili-

ty of these tools to a greater base ofpotential adversaries. Fortunately, the mainstream com-puting industry is working to addressmany of these issues. Softwareproviders quickly supply fixes of vari-ous types — patches, system updatesand anti-virus/anti-malware programs— as they find threat vectors capableof infecting any significant number ofsystem implementations. However, thelevel of vigilance required to maintainupdated protection from these ever-evolving threats is often overlooked.Many agencies fall short in addressingthese known cybersecurity risks, leav-ing systems open to attack.

Interconnection Technology Evolution The transition started with IP links,followed by standardized IP proto-cols. As with hardware and software,interconnection technology hasaligned public-safety networks withthe technology of commercial andconsumer networks.

Legacy public-safety communica-tions systems used few digital inter-connecting links. Even when digitallinks started being used, most werebased on either serial formats commonto industrial computer systems of thetime or T-carrier formats common tothe telecommunications industry. Inboth cases, these links operated prima-rily in a point-to-point architecture andwere difficult to hack without makinga physical “tap” or midpoint connec-tion. Additionally, because much ofthe data transferred used proprietaryprotocols, general cyberthreats wereuncommon. This changed with the adoption ofIP technologies. The near-universaladoption of the standardized set of IPsfor packet networks has provided awealth of benefits for communicationssystems, including ease of providingreliable and redundant routing ofinformation between components,sharing data and equipment betweenvarious functions to provide signifi-cantly greater system efficiency, and

www.MCCmag.com MissionCritical Communications September-October 2018 17

ease of connecting systems from mul-tiple vendors — not to mention thecost efficiencies of standardized routing routines, replacing expensiveproprietary protocol stacks and theavailability of standardized manage-ment tools. Of course, the use of IP packet net-working aligns public-safety commu-nications systems with the greater ITnetworking market and again openssystems to the many cybersecurityrisks common to the IT world. As withthe computing platform risks, routingarchitecture risks are addressed by ITvendors through their continuousdevelopment of preventative measures.This again cannot be a “set-and-forget”environment. It takes vigilant attentionto network cybersecurity to make surea network is appropriately protected.The easy mistake is to assume that thenetwork is still closed, but most everynetwork becomes more open. The use of IP technology is oftennot seen as a significant issue withinpublic safety because the interconnec-

tion networks supporting these com-munications systems have traditionallybeen closed, single-purpose systems.These networks were believed to besecure because it would typically takea physical connection to monitor orattack the system. These systems typi-cally existed primarily within securefacilities, and the risk of a physicalconnection was considered low. How-ever, the cybersecurity issue is real asmost networks have migrated fromclosed to open. Network opening occurs both inad-vertently and intentionally. Inadvertentopening of the network occurs when

the ease of IP networking allows theunintentional creation of paths to theinternet through other systems thattouch the network or the failure torestore proper firewall setting afterdiagnostics and servicing. While inad-vertent network connections are oftenaddressed through training and carefulcontrol of network access points, inten-tional network connections are often abigger issue. Intentional connections are createdwhen the previously closed networkrequires access to external resources,such as for emailing trouble reports orgiving network access to an external

The closed network concept runs counter to standardization and interconnection trends.

18 September-October 2018 MissionCritical Communications www.MCCmag.com

user. The functions and benefits of IPnetworking created this risk and allowit to grow. Features such as remotemonitoring evolve from being mereconveniences that can be discontinuedfor security reasons to hard require-ments that must be secured withoutlimiting functionality. Often virtual private networks(VPNs) and firewalls are used to cre-ate a mixed open/closed network tosupport the desired operation. The

application of a VPN and the use offirewalls can be an effective part ofnetwork security, but they do not standalone. Both measures require activemonitoring and management to main-tain their effectiveness as barriers to acyberattack. VPNs are often disabled,and firewalls have excess ports openedas temporary measures during trou-bleshooting and as temporary fixes tonetwork problems. These short-termand temporary actions are commonly

left undocumented and uncorrected forlong periods of time, leaving a systemsusceptible to cyberattack. The onlyresolution is vigilant attention tocybersecurity and an ongoing processof monitoring, testing and protectingthe network.

Open Networks Public-safety communications sys-tems have become more interlinked,and connection to systems operatingon other agency networks is increas-ing. Next-generation 9-1-1 (NG 9-1-1),shared CAD resources and integrateddata applications drive this emergingrequirement. External connections to externalnetworks are no longer accidental oroccasional occurrences. They are nowcritical design requirements that pro-vide mandatory functions. As systemscontinue to evolve, interoperability andinterconnection of networks areincreasing. The use of the Inter RFSubsystem Interface (ISSI) to intercon-nect Project 25 (P25) networks andsimilar intersystem links often travelover external, internet-connected net-works. The interconnection of public-safety networks will only continue toexpand. In addition, the even less con-trollable requirements to interface withcellular, the First Responder NetworkAuthority (FirstNet) and other nontra-ditional networks are increasing. All ofthese connections add to the potentialfor a cybersecurity attack. Jurisdictionwide shared networkshave become common. The same fac-tors affecting public-safety radio sys-tems now occur on the dispatch sideof systems. Previously secure public-safety answering point (PSAP) sys-tems are harder to keep safe. Coreapplications such as call-taking, CADand records management have movedto industry-standard commuting plat-forms and operating systems. Addi-tionally, much as interoperability isdriving interconnection on the radioside, NG 9-1-1 is driving interconnec-tion between agencies and jurisdic-tions on the dispatch and PSAP side,often requiring direct internet accessto enable needed functionality.

WWiireless

Supply

As changes occur within public-safety communications systems, theyare also occurring across the IT world.The concept of a closed or dedicatednetwork runs counter to the trends ofstandardization and interconnection.The migration from purpose-built net-works to shared networks creates aworld where the network is perceivedas a utility for the entire agency orjurisdiction. Dedicated and closed net-works are a thing of the past that publicsafety cannot fall back on for cyberse-curity protection.

What Public Safety Must Do Public safety must put as muchattention into cybersecurity require-ments as it puts into other systemrequirements. There are processes todefine, implement and maintain radio,dispatch and IT systems. These sameprocesses need to be applied to the def-inition, implementation and ongoing

maintenance of the cybersecurityaspects of all three. Just as it takes alevel of expertise to properly ensurethat each system meets its definedrequirements throughout its operationallife, public safety must make sure thatit applies the same level of expertise incybersecurity. Even though cybersecurity is oftenconsidered a component of each system, it must be considered compre-hensively and coherently across allsystems to be truly effective. For thisreason, it is often beneficial to managecybersecurity requirements above andoutside each individual system withthe resulting criteria being applied toeach system in a cohesive manner.Once applied, the support of thesecybersecurity requirements must beembedded into the ongoing monitor-ing, maintenance and upgrade process-es on these systems. Even the trainingprograms must include cybersecurity

as a core component. Cybersecurity can no longer be anafterthought layered onto the network.It must be more than just somethingreviewed periodically to keep up. Itmust become an actively developedand managed part of the network. Itmust become a mission-criticalrequirement of the overall organiza-tion, to the same level as the communi-cations systems it protects. n

Neil Horden has more than 34 years of

experience in wireless communications

working with manufacturers and users in

the LMR and carrier markets. As chief con-

sultant for Federal Engineering, he is

responsible for the technical oversight of the

programs. He is on the editorial advisory

board of MissionCritical Communications

magazine, and is a board member of the

Project 25 Technology Interest Group

(PTIG) and the NG9-1-1 Institute. Email

comments to editor@RRMediaGroup.com.

The only resolution is vigilant attention to cybersecurity and an ongoing process of monitoring, testing and protecting the network.

www.MCCmag.com MissionCritical Communications September-October 2018 19