Cybersecurity threats have become pervasive for police departments, first responders, and other public-safety organizations, with 93% of organizations reporting a cybersecurity incident in the previous year.
According to a report published on December 8 by cloud platform provider Mark43, which was based on a survey of 343 first responders.
Based on the 2023 U.S. Public Safety Trends Report, 76% of first responders are concerned about the vulnerability of their IT systems to ransomware attacks and data breaches.
Simultaneously, the vast majority of first responders must deal with outdated technology and disconnected systems, with 68% of public-safety officers required to file paperwork from the office rather than in the field, and 67% of first responders experiencing issues with inefficient technology, according to the report.
"These agencies in many cases do not have a dedicated security staff who can worry about these issues all day, ensuring that data is backed up and running vulnerability scans," he says. "To the the [cybersecurity] community, these are table stakes — you need to be doing patching, you need to be doing vulnerability scanning ... but these agencies are realizing that they cannot protect themselves from these risks on their own."
While technology can help fix many of the problems that presently afflict first responders, most state and local agencies lack the technical expertise to protect such technology from threats, as per Larry Zorio, chief information security officer for Mark43, which provides information systems for law enforcement and first responder agencies.
In 2021, the FBI warned that the Conti cybercriminals group had targeted at least 16 healthcare and first responder networks with ransomware. A ransomware attack disrupted 911 service in Suffolk County, New York in September 2022.
First Responders are being targeted
According to the FBI's 2021 advisory, these attacks pose additional risks to citizens.
"Cyberattacks targeting networks used by emergency services personnel can delay access to real-time digital information, increasing safety risks to first responders and could endanger the public who rely on calls for service to not be delayed," the advisory stated. "Loss of access to law enforcement networks may impede investigative capabilities and create prosecution challenges."
Ransomware attacks, in general, are expected to continue at the same rate, according to information technologists. According to a study commissioned by Ransomware.org, the vast majority of IT professionals (84%) see ransomware as a significant threat to businesses. Furthermore, 41% of IT professionals believe their company will be a target this year, while 43% believe the threat will remain the same.
The cybersecurity concerns of first responders are not unwarranted. In 2019 and 2020, ransomware groups intensified their attacks on state, local, tribal, and territorial (SLTT) government agencies. In 2019, for example, a coordinated ransomware attack on 22 town agencies and local government organizations disrupted citizen services. Ransomware attacks on local school systems impacted at least 753,000 students in 2019 and 1.2 million in 2020, according to the National Center for Education Statistics.
For first responders, cybersecurity threats must be balanced against the slow adoption of technology that could improve the efficiency of their jobs and operations. While the majority of first responders believe that an integrated reporting system would streamline operations, according to the Mark43 survey, only a quarter of first responder organizations (27%) have moved to the cloud — the other two-thirds have not.
According to the Mark43 survey, compliance and data transparency are also major concerns for first responders, with 86% of respondents requesting improved crime reporting and two-thirds requesting more public transparency.
The agencies must prioritize roles in technology, data management, and cybersecurity. Instead, cybersecurity is frequently delegated to untrained IT personnel within the department or to officers nearing retirement, according to Zorio.
"I don't feel that officers, who are trying to serve our communities, the fact that they are worried about that every day is definitely a concern," he says. "The industry in general needs to help them where we can, because it is not their job to worry about cybersecurity."
Based on the survey, cybersecurity issues include both malicious cybercriminal attacks and availability issues caused by attacks.