2022-03-17 | Prathamesh Khedekar- Technical Product Ops. Manager - Creospan

Is Your Mission-Critical Communication System Cyber-Proof?

Prathamesh Khedekar discusses the scale and reach of cyberattacks on mission critical communication systems within the Public Safety environment as well as the critical role in strengthening these networks.

Mission-critical communication systems are evolving, and so is the scale and reach of cyberattacks. US Government’s FirstNet, EU’s BroadWay project, UK’s ESN, and South Korea’s Safe-Net are some of the recent examples of how government agencies across the world are moving the needle towards modern broadband networks as opposed to traditional TETRA and LMR based public safety communication systems.

While these modern broadband networks provide our first responders with enhanced data capabilities to manage emergencies, do we understand the scale of risk the shift can add to public safety organizations globally?

Traditional mission-critical communication systems were designed using TETRA and LMR technologies isolated from the modern Internet and relied heavily on a dedicated and private infrastructure. The old methodology allowed us to minimize the spread of cyberattacks from mainstream Internet to TETRA and LMR systems since we didn’t host any of these legacy services on public servers. With the advent of the mission-critical broadband network, our first responders are now dependent on commercial infrastructure and public data networks to establish strong communication channels during emergencies.

Looking at the events that have unfolded in the last few years, we realize that the public data networks are not as secure as the traditional systems. UK telecom giant EE, which serves 30 million users and is a key telecom partner for the government’s emergency services network project, left a critical system code exposed online with a default password in 2018. In 2020, Japanese telecom giant NTT - ranked 55th in the Fortune 100 list, confirmed that hackers gained access to its internal systems and stole customers' data. Similarly, in 2021, US telecom giant T-Mobile became a victim of a highly sophisticated cyber-attack. The hackers gained access to its system and stole the information of 40 million customers. Echoing this pattern of telecom hacks, in 2022, Vodafone Portugal was hit with a cyberattack affecting the 4G & 5G network.

These and more examples like these serve as a reminder for us to assess and strengthen the security posture of our mission-critical communication systems. If we dive deep into the design and architecture of systems like FirstNet and ESN, we realize that they were designed to leverage the high-speed and low-latency voice and data transmission features of 4G and 5G networks. They were secured using frameworks that were strong enough to withstand the cyber winds of the past decade. Now, with the arrival of AI-based cyber bots, the flood gates can’t sustain the hurricane of advanced cyberattacks.

The goal of cybersecurity is to protect valuable system assets from breaches of confidentiality, integrity, and authentication. Modern mission-critical communication systems are made up of 3 core components: data centers that host servers, mobile devices that offer wireless communication services, and the network itself that interconnects these devices. These systems are designed and managed by public safety agencies, operators such as EE, AT&T, and vendors such as Motorola Solutions, Samsung, Ericsson, and Nokia. They form a foundation safeguarding modern mission-critical public safety systems.

To strengthen the cyber shield of these systems, our public safety agencies will need to establish cross-border collaboration channels with their counterparts worldwide. This way, we can quickly and efficiently disseminate information gathered from ongoing cyberattacks across all nations promptly and efficiently. While the European Union is at the forefront of cyber transformation, more bricks need to be laid in the Americas and Asia.

As sole providers of network and software, operators and vendors, too, will play a critical role in strengthening the cybersecurity of our mission-critical communication systems. Recent security breaches that paralyzed the Vodafone and T-Mobile telecom networks could have been identified and remediated using an AI-based user behavior modeling algorithm. It can analyze login/logout patterns of each user and enable a system to identify a hack swiftly and autonomously block the corresponding user account. This drastically reduces security breach identification time from days to a matter of minutes.

Companies like Darktrace, Crowdstrike, Versive, and more are spearheading advancements in AI to secure network and application services. Public safety vendors and operators should consider evaluating AI-based cybersecurity models instead of relying on traditional firewalls and antivirus software that fail to address current security vulnerabilities in our existing systems.
Not the least important piece of the cyber puzzle is people. As simple as it may sound, routine cybersecurity training for first responders can go a long way.

Cyberattacks are ever-evolving. So should our mission-critical communication systems. As Einstein famously said,

“We can't solve problems if we use the same kind of thinking that created them.”