Future first responders and law enforcement officers will sacrifice security for comfort if they use unencrypted personal electronic devices as part of the Nationwide Public Safety Broadband Network, according to a new draft report from the National Institute of Standards and Technology. The report found that unencrypted wearables and mobile devices can serve as identifying beacons in the field, alerting lawbreakers of impending apprehension.
“Public safety practitioners utilizing the forthcoming Nationwide Public Safety Broadband Network will have smartphones, tablets and wearables at their disposal,” the report says. “Although these devices should enable first responders to complete their missions, any influx of new technologies will introduce new security vulnerabilities.”
The First Responder Network Authority (FirstNet), which has been developing the network with AT&T since it was approved by Congress in 2012, is an independent agency under the Department of Commerce’s National Telecommunications and Information Administration.
The report is intended to be read and commented on by any public safety officials who use public safety mobile and wearable devices; the deadline for public comments is Jan. 7.
Even the most high-profile networks are subject to a cyber attack. Days before President Trump’s inauguration, for instance, Washington was the victim of a cyber attack, the effects of which are still unknown. Ransomware ended up infecting 70 percent of the D.C. Police Department’s video surveillance system, rendering it inoperable for the major event.
The report noted numerous cyber attacks and the potential for network intrusion. In 2012, in Anchorage, public safety officials received an unencrypted voice traffic message suggesting that a high school student was in a classroom in possession of a handgun. It didn’t take long before the media caught wind of the message and started tweeting about it and potentially compromising the safety of the students, teachers and parents at the scene. Four years later, public safety transmissions would later be taken off the air in Anchorage after a number of robberies revealed that the suspects had been listening in on an open channel.
“Software and firmware developers, in particular, should give proper consideration to risks associated with the supply chain,” the report says. “Applications installed on public safety mobile devices and wearables should be properly vetted before installation and use.”
Good To Know: 10 Tips for More Secure Mobile Devices