Hackers Hold Police Hostage

Ransomware was a hot topic of discussion at a cybersecurity session in late August at the Association of Public-Safety Communications Officials (APCO) 2015 conference. According to an article on IWCE’s Urgent Communications, panelists concluded that “first-responder organizations need to cooperate to combat efforts to infect their systems and compromise sensitive data on IP-based systems.”

First-responder organizations are of particular value to hackers because of the sensitive information they hold, such as license plates and addresses, criminal records and evidence, said Robert Myles, a national practice manager at Symantec who works as liaison officer for the North Central Texas Fusion Center.

Jay English, APCO’s director of communications-center and 911 services, said that ransomware attacks can cause havoc, and police organizations sometimes find it easier to just pay up: “Some attacks have been so sophisticated—against small police departments and large—that the data has been sent to the Department of Justice Federal Bureau of Investigation and some very advanced commercial partners, so they can try to decrypt and fix the problem. And, after 90 days, they gave up,” he says. “The FBI couldn’t fix it. Major cyber players in commercial enterprises couldn’t fix it. What was the net result? The Swansea (Mass.) police department paid $750, and they got their files back. A Chicago suburb paid $500, and they got their files back. Sheriffs tend to be a little stubborn, like police chiefs, and a few of them said, ‘No’—and they’ve never seen the data again. This happens today. It’s a real-world threat.”

Hackers keep prices low because they value quantity over quality and look for repeat victims. “The worse news is that, if you pay once, you’ll pay again, because they’ll hit you again. And, if you don’t pay once, they’ll hit you again anyway,” says English.

The key to minimizing risk is being strict about procedures, says the article. “It is not enough for an individual PSAP or law-enforcement department to implement good cybersecurity practices; all of those providing data to the entity or accessing data from the entity also need to follow similar practices, or hackers can find a way to infiltrate the systems,” according to the article.

To combat the problem, the FCC wants to establish security operations centers for multiple public safety access points, says FCC chief of public safety and homeland security bureaus David Simpson in the article.

“Maybe it’s at the state level. Maybe, in Texas, you have five of those, because they’re so large. But we need to get Security Operations Centers supporting each of the PSAPs, and that’s where the information sharing is going to happen,” he says.