The public safety tech firm Mission Critical Partners on Thursday announced that its testers are finding widespread vulnerabilities in the land mobile radio systems used by law enforcement agencies around the country.
The firm, which works with its customers to implement and test various technology platforms, including land mobile radio systems, noted in a press release that even radios adhering to the common Project 25 standard are susceptible to cyberattacks. Scott Neal, who runs MCP’s wireless communication services team, told StateScoop that the company has discovered in its recent round of testing that many agencies have a “false sense of security” when it comes to the cybersecurity protections built into their radio systems.
“Many agencies view cybersecurity within the context of their primary enterprise networks, but what we have found is cybersecurity in an LMR network was something most clients hadn’t even thought about,” Neal said. “We have identified that these networks have a number of vulnerabilities out there that we don’t think people realize are there or don’t think about, that could place them at serious risk.”
Radios meeting the common P25 standard employ additional security measures, such as using encryption, working across multiple frequencies and a “radio inhibit” feature that allows managers to identify and disable rogue radios. But additional risk has followed the addition of new features on digital radio platforms.
“We have discovered there are many other ways that people could actually access these networks,” Neal said.
In its announcement, the firm noted a variety of common attack vectors and weaknesses for LMR, including a shortage of strong physical security controls, lack of cybersecurity training among personnel, lack of strong device policies and an overreliance on radio vendors to provide security services, despite recommendations by the National Institute of Standards and Technology that agencies seek independent cybersecurity testing.
“In many cases the radio vendors themselves are telling people ‘you don’t need to worry about security, we’re taking care of it,’ but unfortunately we’ve found that the clients have no idea what they’re doing [regarding cybersecurity], if they’re doing anything,” Neal said. “We have found through our testing that they don’t have the level of security that they thought that they had and that they were promised from their vendor, and that they were still vulnerable.”
Because land mobile radio systems typically don’t have a public-facing internet interface, Neal said, public safety officials often wrongly assume they are secure.
“Most criminals are not very sophisticated,” said Neal, who spent 28 years as a trooper with Pennsylvania State Police. “But there are some out there that are very sophisticated, so if you had somebody who wanted to commit a major bad act and they wanted to disrupt the response to that act, one of the key areas in disrupting response is somehow cutting off the communication your responders are using.”
Neal said investigating the intersection of land mobile radio and cybersecurity is a relatively new venture for Mission Critical Partners, which only began the project in earnest after the company last year acquired the cybersecurity consulting firm Secure Halo.