Cybersecurity

GAO: Protect next-gen 911 from cyberattack

NG911 logo

The Government Accountability Office wants the Department of Homeland Security to work with the departments of Commerce, Justice, and Transportation and the Federal Communications Commission to ensure next-generation, IP-based 911 emergency response systems are not vulnerable to cyberattack.

The Next-Generation 911(NG 911) technology that local Public Safety Answering Points (PSAPs) are installing in towns and cities across the nation relies heavily on IP and cloud-based technologies to handle emergency calls from the public, GAO noted in a report released Jan. 28. The next-generation technologies carry photos and other data-heavy packages such as building blueprints and maps to help emergency responders do their jobs, which also can make systems more vulnerable to cyberattack, GAO said.

The National Public Safety Broadband Network being set up by the Commerce Department under its FirstNet initiative to improve communications among local emergency responders is also expected to rely heavily on IP-based communications.

The GAO report recommended DHS spearhead an effort among the five agencies to ensure the new, more feature-rich NG 911 emergency response systems are secure.

GAO said the list of possible cyber intruders that might interfere with, or even commandeer, 911 systems is a long one: insiders with personal grudges; thrill-seeking hackers; phishers intent on stealing personal identification information; spammers looking to sell bogus products or set up phishing schemes; and terrorists trying to disrupt emergency response or cause mass casualties. Natural disasters, like the powerful June 2012 storm that knocked out 911 systems in the Washington, D.C., area, could also disrupt new systems.

Last spring, a rash of crude denial-of-service attacks flooded PSAPs' administrative telephone lines with calls. FCW's sister publication, GCN, reported at the time that DHS had issued a notice saying there had been about 600 denial of service attacks on critical government phone systems and as many as 200 of those had targeted government public safety offices. The agency speculated the attacks were associated with extortion schemes.

The new GAO study looked to determine how federal agencies could coordinate with state and local governments' cybersecurity efforts at emergency operation centers, PSAPs and first-responder organizations involved in handling emergency calls. The study noted there are more than 6,000 PSAPs at the county or city level that answer more than 240 million 911 calls each year.

Although GAO said DHS has been working to insure 911 systems' security through its Emergency Services Coordinating Council, it believed the new technology needs a closer look. DHS told GAO in a Jan. 14 letter that the latest version of its National Infrastructure Protection Plan released in December integrates core cyber security considerations for critical infrastructure.

It concurred with GAO, however, that a closer look at NG911 services was in order. Under the newly revised NIPP, DHS said it is working with its partners across all critical infrastructure sectors to update sector-specific plans and it will include NG911, as well as the National Public Safety Broadband Network in those plans. The agency expects to complete the updated plans by the end of 2014.

About the Author

Mark Rockwell is a staff writer at FCW.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.

Featured

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group