The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) shared the attached Public Safety Threat Alliance (PSTA) Finished Intelligence Report and is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cyber criminals.[1]
Cyber-attacks against public safety answering points (PSAPs) and computer-aided dispatch (CAD) systems can result in disruptions to emergency calls and delays to first responder dispatching, which can and has resulted in loss of life.
Many observed attacks since January 2022 involved ransomware. These attacks resulted in disruptions to CAD systems and often impacted law enforcement, fire department, and dispatch center networks. Ransomware also impacted municipalities, likely spreading to adjacent networks after the initial compromise.
Telephone-denial-of-service (TDoS), which impacted PSAPs, are trivial to conduct for a variety of reasons, including the advent of voice-over-IP (VoIP) technology. This problem is exacerbated by readily available TDoS and “phone flooder” services on criminal messaging platforms and marketplaces.
TDoS attacks do not affect IT networks in the traditional sense and require a specialized response when it comes to cybersecurity. It is important to establish relationships with neighboring dispatch centers to ensure that call-handlers and dispatchers are prepared to accept overflow calls in the event of an attack.
Protecting against cybercriminal and extortion syndicate activity requires a layered approach, including the implementation of multi-factor authentication, regular patching, and the disabling of unused services such as email on CAD workstations.
The attached report contains background information, threat landscape, and recommendations. Link to report: PSTA - 5.3.2023.pdf
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] njccic@cyber.nj.gov
Comments