REGULATE THIS: When Thermostats Regulate Twitter and Your Smart Phone Gridlocks a 911 Center

It’s Time to Take Cyber Threats Seriously! (…)
Imagine if Miley Cyrus’ 31 million Twitter followers all showing up at the same mall at the same time. No one else could shop there. This is a graphic example of a Distributed Denial of Service attack (DDoS) – the likes of which have been happening on an ever-increasing basis.
 
On October 20th a malicious DDoS attack, launched against domain broker Dyn, crippled sites like Twitter, Netflix, Spotify, and Reddit. It was successful by using Internet of Things (IoT) devices such as smart home thermostats. Per an article on TheVerge.com, many of these devices have “vulnerable security” such as “factory default or static username and password combinations”.
 
Shortly after the October 20th IoT attack came another DDoS attack, this one against 911 call centers. Apparently, a creative teenager in Arizona released some code that infected smartphones, causing them to dial 911 over and over again. Wherever those phones were located, the local 911 service was deluged with calls.
 
“One of the trends that is well documented is that there is relatively little free-lance hacking anymore.” says IT Security expert James Quinn, “(They still exist, but they’re fewer.) We have, however, seen a HUGE increase in the amount of state-sponsored hacking.”
 
The incidence and magnitude of such attacks are growing. DarkReading.com says, “According to researchers with NexusGuard, there was an 83% increase of DDoS attacks in the second quarter of 2016 compared to the first quarter.”
 
Regardless of the motive, be it a prank, teenage angst, for-profit or a nefarious strike – an attack on a regional 911 system or hospital’s network would have potentially devastating consequences. Period! Now, just imagine what could happen if it was coupled with even a lone-wolf terror attack.
 
There are only two solutions:
 
  1. Preventative: Increase security on networks.
  2. Build depth: Redundancy in critical systems (a backup 911 system, for example). Shockingly, many municipalities don’t have a plan in place. Neither do many hospitals, who rely on an intricate “network of things” connecting expensive and essential patient monitoring equipment. Those that have a plan, haven’t tested it. (See more on the lack of 911 backup here.)
 
If you need help evaluating your network’s cyber security, or exercising your redundancy plan, click here.
Categories: Emergency Management

Find Articles by:

  • We'd Love to Hear Your Comments

    0 Comments

    Related Articles: Emergency Management

    Why A Severe Weather Watch Should Call For Action

        (...) by Rick Christ We recently wrote about the need for trigger events in an emergency plan. A severe weather watch should trigger a series of just-in-time preparedness actions at your facility.   We conduct many tabletop exercises with healthcare...

    Stronger Together: 5 Ways to Honor and Support the EMS Community

        (...) by Rebecca Alwine Very few things in this life are certain, but one thing most Americans are confident of is that when they call 9-1-1, someone will answer. Those 9-1-1 operators are an important piece of the puzzle, and they do a fantastic job of...

    Take Advantage of the Downtime to Plan Ahead

        (...) by Rebecca Alwine There’s a small window on the calendar where emergency managers breathe a little easier. The time between the threat of severe winter weather and the start of hurricane season may be the only real downtime. But even then, there is...

    Our Newsletter

    Remember, we will NEVER share your email address or SPAM you.
    You may unsubscribe at any time.

    Website design & development by Carbon Six Digital Marketing Agency