There are many valuable resources regarding what you should do for resiliency against ransomware. Recently the Cybersecurity & Infrastructure Security Agency (CISA) released a document identifying the risks associated with telecommunications services as well as providing potential mitigations to improve resiliency. The challenge is, where to begin. There is so much information that some PSAPs may not know for sure what to do when faced with a cyber threat.

CISA has many recommendations that can help you. There are also different types of threats, knowing what they are and some simple things can help you protect your resources and build resiliency.

Phishing is a common threat facing businesses and individuals at all levels. This social engineering attack uses email or malicious websites to solicit personal information or to get you to download malicious software by posing as a reliable entity.
There are different types of phishing:

  • Spearphishing: This is when Phishing is targeted at an individual and includes key information about them.
  • Whaling: Phishing is targeted at high-profile individuals to steal sensitive information or high-value information.
  • Vishing: This type of Phishing is conducted via voice communication to lure the victim into the engaging conversation and build trust.
  • Smishing: Phishing conducted via text messages, aimed at having the victim click that link, and then the download of files or applications will begin, or sometimes to begin a “conversation”

One way you can improve your chances of avoiding a malicious website is to make sure you are clicking on the company’s actual site after you do a search and not an “Ad”. Not opening an email or clicking on links if there is something that seems suspicious. Email continues to be the main attack of choice. Data released indicates that 1 in 131 emails are of malicious intent.

Ransomware is different from Phishing because it is malicious software specifically designed to encrypt files on any device it finds, rendering the files and the systems that use them, unusable. Malicious actors then demand ransom in exchange for decryption.

CISA recommends that you do not pay the ransom! Paying the ransom does not guarantee the organization will regain access to its data. Some victims report never receiving the decryption key after having paid a ransom, while others have found themselves targeted again or extorted to pay more.

The Association of Public Safety Communication (APCO) encourages all PSAPs to develop strategies for the prevention of a cyber attack. Becoming educated at all levels within the PSAP is a proactive step in defending the security of your organization.

Bottom line – cyber attacks are real and they can happen to anyone. Pre-plan what you will do in your PSAP by having the ability and practice to switch to paper for CAD/Internet attacks. Stopping a denial of service attack can be as simple as putting all of your incoming lines on hold, however, it’s always best to research solutions that are best for your organization.

http://www.cisa.gov/publication/risks-telecommunications-central-offices