General Dynamics - Pathfinder Ad

9-1-1 Magazine: Managing Emergency Communications

Priority Dispatch

9-1-1MAGAZINE.com
TOPIC SPONSORS

 

Alastar

NG9-1-1

Stratus Technologies

CAD, NG911 & Records Management

VPI

Recording Systems

Adcomm

Facilities Planning and Design

First Contact 911

Training Trends & Tactics

Willdan

Interoperability

 

Holland Co     
Mobile Command Vehicles

 

 

NENA Issues Cyber Attack Warning to 9-1-1 Centers

Date: 2017-05-15
Share |

On Friday, May 12th, 2017 the National Emergency Number Association (NENA) Headquarters became aware of a widely-reported ransomware attack affecting both private- and public-sector enterprises in multiple countries. Open-source reporting on the attack is available here. NENA is not aware of any attacks affecting PSAP systems or 9-1-1 service at this time. However, reporting indicates that life-safety institutions in the U.K., including several hospitals, have been affected. Consequently, we are issuing this special alert to help members defend against any attacks that may occur.

The so-called “WannaCry” attack leverages recently-released vulnerabilities (CVEs 2017-0143 through 0148) and exploit techniques to take control of Windows-based computers. After infecting vulnerable machines, the attack software encrypts data on the system, and demands payment of $300+ in an internet currency known as BitCoin. Victims that fail to pay are threatened with deletion of the encryption key, which renders their data irretrievable.

Mitigation Steps

To protect critical public safety services from this attack, NENA recommends that members take the following steps:

  1. PSAP IT departments should download, validate, test, and install a Microsoft-issued patch to all affected machines as soon as possible. Microsoft has issued a critical security bulletin and update (MS17-010) to resolve the vulnerability.
  2. Center Managers should ensure that on- and off-site backups for all critical systems are being routinely maintained. Existing backups should be verified and test restores performed using systems without an active internet connection.
  3. PSAP IT departments should consider permanently disabling the SMB 1.0, SMB 2.0, and CIFS file sharing support of all Windows systems. SMB 3.0 is currently maintained, offers higher speeds, and provides greater security than these legacy protocols.
  4. Shift supervisors should remind front-line employees to report any unusual computer behavior, and to exercise added care when clicking links and entering credentials, even in normally-trusted systems.
  5. In the event of a compromise, DO NOT PAY! Contact your local FBI field office, notify the National Cybersecurity and Communications Integration Center of any 9-1-1 service impacts at 888.282.0870, and take steps to preserve log files and other materials that may have forensic value.

PSAPs with questions or concerns may contact Trey Forgety at tforgety@nena.org or via telephone at 202.681.4392.

- People, Places & Things/9-1-1magazine.com (via NENA, 5/15/17)

Comments

Show: Newest | Oldest

Post a Comment

Log in or sign up to comment

 
9-1-1 Magazine is a Sponsor of the California Mobile Command Center Rally

Send mail to webmaster@9-1-1magazine.com with questions or comments about this portal.

© 2015-2016 9-1-1 MAGAZINE and 9-1-1MAGAZINE.com. The content of this portal is the property of 9-1-1 MAGAZINE and 9-1-1MAGAZINE.com.  We encourage government public-safety agencies to share any content with their staff, however, all others must not duplicate or modify any content without prior written consent of 9-1-1 MAGAZINE. Email publisher@9-1-1magazine.com for permissions. For more information, read the Terms of Service. Continued access of this portal and system implies consent to the above statements and those maintained on the Terms of Service.

Powered by Solata

MCM Consulting Yellow Submarine Marketing

 Team Rennick