Cybersecurity threats have become commonplace for police departments, first responders, and other public-safety groups, with 93% of organizations experiencing a cybersecurity issue in the past year.
That's according to a report released on Dec. 8 by cloud platform provider Mark43, based on a survey of 343 first responders. The 2023 U.S. Public Safety Trends Report found that 76% of first responders had concerns that their IT systems are vulnerable to ransomware attacks and data breaches.
At the same time, the vast majority of first responders must deal with outdated technology and disconnected systems, with 68% of public-safety officers required to file paperwork from the office rather than in the field, and 67% of first responders encountering issues with inefficient technology, according to the report.
While adopting technology can solve many issues that currently plague first responders, most state and local agencies do not have the technical expertise to protect such technology against threats, says Larry Zorio, chief information security officer for Mark43, which provides information systems for law-enforcement and first responder agencies.
"These agencies in many cases do not have a dedicated security staff who can worry about these issues all day, ensuring that data is backed up and running vulnerability scans," he says. "To the the [cybersecurity] community, these are table stakes — you need to be doing patching, you need to be doing vulnerability scanning ... but these agencies are realizing that they cannot protect themselves from these risks on their own."
First responders' cybersecurity concerns are not unwarranted. In 2019 and 2020, ransomware groups started targeting state, local, tribal, and territorial (SLTT) government agencies in earnest. In 2019, for example, 22 town agencies and local government organizations were targeted with a coordinated ransomware attack disrupting services for citizens. Ransomware attacks on local school systems impacted education for at least 753,000 students during 2019 and 1.2 million in 2020.
And in 2021, the FBI warned that ransomware spread by the Conti cybercriminals group had targeted at least 16 healthcare and first responder networks. In September 2022, a ransomware attack disrupted 911 service for Suffolk County, NY.
Targeting First Responders
These attacks carry with them additional risks for citizens, the FBI stated in its 2021 advisory.
"Cyberattacks targeting networks used by emergency services personnel can delay access to real-time digital information, increasing safety risks to first responders and could endanger the public who rely on calls for service to not be delayed," the advisory stated. "Loss of access to law enforcement networks may impede investigative capabilities and create prosecution challenges."
In general, the information technologists believe that ransomware attacks will continue at the same pace. The vast majority of IT professionals (84%) see ransomware as a significant threat to businesses, according to a study commissioned by Ransomware.org. In addition, 41% of IT professional believe their company is more likely to be a target this year, and 43% believe the threat will remain the same.
Cloud Adoption Lags
For first responders, the cybersecurity threats are balanced against the slow adoption of technology that could make their jobs and operations more efficient. While the majority of first responders believe that an integrated system for reporting would streamline operations, only a quarter of first responder organizations (27%) have moved to the cloud — two-thirds have not, the Mark43 survey found.
The Mark43 survey found that compliance and data transparency are also significant concerns for first responders, with 86% of respondents asking for improved crime reporting and two-thirds of those surveyed wanting more public transparency.
The agencies need to prioritize technology, data management, and cybersecurity roles. Instead, cybersecurity is often tasked to untrained IT workers inside the department or to officers that are nearing retirement, Zorio says.
"I don't feel that officers, who are trying to serve our communities, the fact that they are worried about that every day is definitely a concern," he says. "The industry in general needs to help them where we can, because it is not their job to worry about cybersecurity."
The survey defined cybersecurity issues as both malicious attacks by cybercriminals and availability problems caused by attacks.