NG911 operators should plan ahead for cyberattacks: CRTC

The CRTC is encouraging emergency operators to harden next generation 911 (NG911) services from cyber attacks like malware and ransomware, as it said Friday it supports the recommendations of a report warning that the new 911 system will be more vulnerable to threats. In a decision last June, the CRTC mandated that carriers upgrade to the internet-based NG911 service by the end of 2020. NG911 will enable new ways of contacting 911 services, including sending emergency messages via text, photo and video messages, and having the geographic data of a caller shared with the 911 operator. However, the move to the new system, according to a report on the topic submitted to the CRTC Interconnection Steering Committee (CISC) in September 2017, will also create new potential cybersecurity threats 911 operators must be aware of. These include malware, ransomware — malware which locks files and asks for payment to unlock them — and swatting, or getting tricked into sending a response to a false threat. The report noted “stakeholders recognize that the introduction of new technologies enhanced capabilities while being more prone to vulnerabilities, hacks, breaches and attacks, especially if not set and managed properly.” Originally, the infrastructure which answers 911 calls, made up of public safety answering points (PSAPs), was based on the analog phone system. They are vulnerable to issues like telephony-denial-of-service (TDoS), radio frequency jamming and certain distributed-denial-of-service (DDoS) attacks, the report said, noting TDoS and DDoS threats still remain issues. The CRTC said in a decision Friday it will support the suggestions made by the Emergency Services Working Group (ESWG) in the CISC report. The report pointed to the National Institute of Standards and Technology’s (NIST) cybersecurity framework as the model to follow, as well as recommendations made by the Federal Communication Commission's Task Force on Optimal PSAP Architecture (TFOPA). The tools for facing those threats are generally standard fare, according to the report: building up physical and personnel security, having a disaster recovery plan and maintaining privacy and operational security. The report encouraged the PSAP stakeholders to create cybersecurity plans which take these factors into account. The report said that a TFOPA-recommended new layer of security should be implemented in “future architecture” called the Emergency Communications Cybersecurity Center (EC3). A centralized approach, already established in the U.S. with similar systems in the U.K. and Australia, would “focus on collecting, analyzing and distributing cyberthreat information and intelligence” and be “aimed at boosting partnerships among government officials, infrastructure owners and operators, and law enforcement agencies,” according to the report. One scenario outlined was a case where malware propagated through the trusted connections of PSAPs. The report suggested practises including adopting a “demilitarized zone” where suspect files aren’t given total network access, and that all network traffic between sites should be monitored, logged and encrypted. This does create new issues though, as Canadian IT teams are already swamped with security alerts. The report indicated future options could include machine learning solutions to that problem. It “should be a good practice to use Artificial Intelligence (AI) and machine learning technologies to monitor, slow down, stop and/or quarantine compromised connections or devices,” the report read. Among the potential issues the report anticipated were increased threats from internet of things (IoT) equipment enabling DDoS-causing botnets. Botnets are large collections of internet connected devices all operating under the command of a central source. The report said that the threat will remain present until manufacturers improve security included with the individual pieces of equipment. With all that said, the report also noted many cyberthreats still stem from mundane sources, given that “stolen or weak passwords were the leading cause of hacking.” As PSAPs are not directly in the CRTC’s authority, the regulator stopped short of recommending the contents of the report. “However, the Commission considers it appropriate to review the substantive recommendations in the report, as requested by the ESWG, and to encourage PSAPs to adopt cybersecurity best practices for the benefit of Canadians,” the CRTC said in its decision. — With reporting by Bryson Masse at bmasse@thewirereport.ca and editing by Anja Karadeglija at akarad@thewirereport.ca

NG911 operators should plan ahead for cyberattacks: CRTC

News | February 23, 2018

Unlock all the Canadian telecom, broadcasting and digital media news you need.

FREE TRIAL

SUBSCRIBE

Inside The Wire Report

Information

Hill Times Publishing

Get in Touch With Us

NG911 operators should plan ahead for cyberattacks: CRTC

News | February 23, 2018

Unlock all the Canadian telecom, broadcasting and digital media news you need.

FREE TRIAL

SUBSCRIBE

Related Stories

Broadcasters differ on usefulness of CRTC’s undue preference, standstill rules

CRTC dismisses WildBrain undue preference complaint against Bell; Rogers facing new complaint

After months of dispute, Rogers & Corus take fight over channel placements, repackaging to Federal Court of Appeal

OPINION: Preparing to effectively engage & consult with Indigenous communities a necessary step

Reuse & Permissions

Inside The Wire Report

Information

Hill Times Publishing

Get in Touch With Us