TwitterACicon86x90vert facebookACicon86x90vert
TV/Radio XFINITY | WOW! | WBBM | WXRT | B96 + Dance | US99 | K-HITS CHICAGO

   *** SCORES: BEARS | BLACKHAWKS | BULLS | CUBS | FIRE | WHITE SOX ***
YoutubeTwitterFacebookArlingtoncardinalYahoo! Google Bing Aol.ArlingtoncardinalTMZ Rotten Tomatoes ET Online Box Office MojoArlingtoncardinal Channel 9 WGN Channel 7 Chicago ABC Channel 5 Chicago NBC Channel 2 Chicago CBS Daily HeraldChicago Tribune Breaking NewsArlingtoncardinal Chicago Gas PricesFloridaCardinal.comGLOBALCONFLICTMAPS.COM Arlingtoncards.com THE GUIDE

Computer Hacker or Hackers Attacked and Accessed Indianapolis 9-1-1 Center in December 2014

Fri January 23 2015 4:13 pm  http://www.arlingtoncardinal.com/?p=73087
 Share The Cardinal -- Arlingtoncardinal.com Articles (E-Mail, Facebook, Twitter & More) 

CHICAGO BEARS RADIO -- WBBM Newsradio 780 "Traffic on the 8's"

This week it was learned that computer hackers accessed the emergency 9-1-1 system in Indianapolis that dispatches all police, fire and EMS vehicles across Indianapolis. The attack started December 20, 2014 and lasted several days. The information about the attack was not made public until a speech Tuesday afternoon, January 20, 2015.

“We haven’t said this because we wanted the investigation to continue, but we had our own cyberattack against our public safety communications systems.”

— Public Safety Director Troy Riggs

Officials say the cyberattack slowed the 9-1-1 system down, but since there is a redundant computer network, public safety was never compromised. Officials did not say what part of the network was affected. Computer systems in dispatch centers provide a variety of information, which could include emergency protocols, premise histories, security access codes at residential and business properties, general residence information, vacation watch information, general business information, business agent information, fire pre-plan information, emergency vehicle selection response information, a variety of geographical information system data, radio communications control and functions, and radio channel and radio security information.

Premise histories can include information, such as whether a resident has any particular hazards or threats on their property — usually based on experiences from prior visits to a property during a previous Police and/or Fire/EMS response. Examples could include whether a resident possesses guns or other weapons with details, such as “resident keeps a sword next to the front door” or “vicious dog on the property” or medical history information. Also hazardous materials information, Material Safety Data Sheet information and other fire safety information can also be stored on public safety information systems.

For security reasons, officials did not specify exactly what part of the system was affected. A full breach could involve hackers modifying vehicles selections in Computer Aided Dispatch (CAD) systems, or could involve downloading the premise histories of residences and business properties across the city. The breach would likely cause administrators to need to audit their system to make sure hackers did not change configurations.

Regarding encrypted radio systems, hackers could gain access to radio registration information, and possibly register an outside black market radio so that it could become part of the network and monitor radio communications that police believe are encrypted and private. A careful audit of the system would be required to check to determine whether a radio asset is on the system that doesn’t belong on the system. If such a radio were discovered it could be disabled remotely, and the system passwords and encryption keys could be changed so that the radio is no longer permitted on the system. The system may have protections against this type of false registration, but that doesn’t mean it can’t be overcome.

On the modern radio side, computerized digital signals are used to transmit voice, and researchers at University of Pennsylvania have shown that radios can be hacked with a toy made by Mattel at low power. The disruption could cause 9-1-1 administrators to need to turn off encryption or transmit in “the clear” in order to get the radio system to work. The digital signals are easier to mess up with lower power jammers than the “old school” analog radios. “Old School” systems can be jammed, but it is easier for radio signal investigators to discover the source of the jamming.

The University of Pennsylvania researchers listed a scenario where an attacker could choose to attack only uplink messages on the radio control channel of a 9-1-1 trunked P25 system (the system that most 9-1-1 centers use). The cyber attack could effectively cause disruption of the entire trunked network at an extremely low cost to the attacker, the researchers reported.

The researchers declared that hackers could use some tricky methods to make it hard to detect where their interference and attacks on the radio system are originating. Basically the attacks could move around and last mere hundredths or even thousandths of a second — making it difficult to detect the location of the attacks. For example, an attacker could choose to deploy multiple battery-operated jamming devices in a metropolitan area, placing them in public locations to make tracing of the devices harder to achieve. The researchers said the devices could be surreptitiously attached to vehicles of third parties, such as taxis, delivery trucks, or other vehicles that are known to be constantly moving around in the areas covered by the public safety radios. Such devices could be made to automatically activate in a zone at any given time or location, or commands to control the devices could be executed over the air. They could jam the various towers that are operating in the community.

Older, more robust radio systems used in the 1970s and 1980s are not vulnerable to this type of attack because low voltage devices cannot overpower the system of the single tall radio tower. If a powerful jamming device were used, it would have to be activated for a prolonged time period to be effective, and its strong signal could be detected by a method called triangulation that can pinpoint the jamming signal — even if it is moving.

“I’m not going to go into our behind the scenes operations, but because of our redundancies and the close work with the sheriff’s office, we were able to continue to dispatch vehicles on time; it did not affect that but it could have.”

— Public Safety Director Troy Riggs

Riggs acknowledged a hacker attack could happen again. He added that he believes cyberattacks and hacker attacks are the number one safety threat to businesses and government agencies in the United States.

Some experts have criticized the everyday common use of sophisticated radio systems because it gives hackers greater opportunity to overcome the sophisticated system. By limiting the sophisticated system to sporadic use by tactical teams (SWAT) and drug sting operations, and mixing up communications with text messaging and other methods; public safety professionals would be deploying the same methods that the hackers with mobile low power jammers would employ to avoid detection — intermittent and sporadic activity. Having the sophisticated system on 24/7 for everyday police communications is just plain stupid, because hackers have all day to chip away at the system, according to some experts.

Indianapolis city officials say they quickly identified the cyber attack and then took steps to stop it. However, even if officials can take steps to stop intrusion, they still probably don’t have an effective, quick method to stop a brute force attack on the system that would simply bring the radio system down with low power moving jammers. Those could make the radio system totally unusable. Ironically, the P25 system that was required by the federal government to have a more functional capacity in a post 9/11/2001 world, might actually be more at risk than the “old school” radio system.

Meanwhile, the Indianapolis Department of Homeland Security and FBI are investigating the breach.

Reference …
University of Pennsylvania Security Weaknesses in the APCO Project 25 TwoWay Radio System [PDF]


Get updates from The Cardinal CRIME BLOG ‘Plus’ on Facebook. Just ‘LIKE’ the ‘Arlington Cardinal Crime & Forensics’ Page (become a fan of our page). The updates cover all posts in the 24/7 Crime Alerts! and sub-categories. See all of The Cardinal Facebook fan pages at Arlingtoncardinal.com/about/facebook …

CLEAR SKIES?  Weather Data for Friday, January 23rd, 2015

Tags: , ,    

IMPORTANT NOTE: All persons referred to as subjects, defendants, offenders or suspects, etc. are presumed to be innocent unless and until proven guilty beyond a reasonable doubt in a court of law.


Try a more powerful search in the box below ... SEARCH BOX PRODUCES RESULTS FOR The Cardinal -- Arlingtoncardinal.com ...
(POWERFUL SEARCH for The Cardinal, which can be expanded on the results page.)

Where background Wikipedia info/photos are used, original work is modified and released under CC-BY-SA.

! MORE NEWS FAST!!! MOST RECENT: CRIMEBLOG | MOST RECENT: FIREBLOG | SUBMIT NEWS TIPS
::: Health, wellness and fitness gifts! CoolFitnessGifts.com ::: Cubs, Sox caps at ChicagoFanfare.com :::

ARLINGTON HEIGHTS BREAKING NEWS --The Cardinal -- Arlingtoncardinal.com is a breaking news blog with Arlington Heights & Chicagoland emphasis. Early breaking reports may prove to be inaccurate after follow-up investigation, which may or may not be updated in The Cardinal -- Arlingtoncardinal.com. For in-depth coverage, please also check the following links for network television, cable news networks and Chicago local media coverage ...

Daily Herald | Daily Herald -- Arlington Heights | YouTube.com/DailyHeraldClips
Today's headline videos: FOXNews Video | YouTube.com/FoxNews | Associated Press | The Cardinal
Chicago Area Newspapers
CNN Arlington Heights  FOXNEWS  BREITBART.COM  cbs2chicago  NBC 5 Chicago  abc7chicago   WGNTV      WGNRADIO720  NEWSRADIO 78  CHICAGO BREAKING NEW  Daily Herald Arlington Heights  Chicago Tribune   Seed Newsvine
 
Video LOGO youtube Twitter Arlingtoncards facebook battery status Cardinal Calendar Search Batteries Plus RSS Help ...
All Headlines
crimeblog | fireblog
« EARLIER | SEARCH ARTICLES BY DATE -- Arlingtoncardinal.com/searchdate | LATER »

Comments for Arlingtoncardinal.com
COMMENTS are now available via one or more of our official Facebook pages. Comments no longer appear on the Arlingtoncardinal.com article per se. Please comment on Facebook.com/ArlingtonCardinal or check the other popular Arlington Cardinal Facebook pages at Arlingtoncardinal.com/about/facebook ...

SUBMIT CRIME TIPS ...
Anyone having information about serious crime in Arlington Heights should register on CitizenObserver.com and look for the anonymous TIP411 feature, or call Arlington Heights Crime Stoppers at 847-590-STOP (847-590-7867). Callers are guaranteed anonymity and may qualify for a cash reward of up to $1,000. Not a resident of Arlington Heights? Check CitizenObserver.com for availability for your community.

   Arlingtoncardinal.com/traffic | Traffic on Twitter

CHICAGOLAND RADAR


Weather radar map is provided by DarkSky.net
Arl Hts Weather | NEXRAD | FULL SCREEN RADAR

RSS Cardinal Weather Center

US & WORLD NEWS

Top News Video …

CHICAGOFIREMAP.NET TWITTER

digital-lifestyle.com

TMZ Plus …

RSS OBITUARIES