CIRI researchers work to defend nation's communication infrastructure

3/6/2020

During the 9/11 attacks, emergency response dispatch centers were overloaded with calls that caused the system to crash. Since then, advances have been made to prevent these lapses in response, but as technology evolves and improves, so too must the security and resilience of our nation’s infrastructure.

Mobile networks have already faced malicious attacks, and the team at the Critical Infrastructure Resilience Institute (CIRI), a Department of Homeland Security Center of Excellence, is working to protect communication infrastructure through projects that improve the security of emergency response systems, mobile supply chains, and more.

“Mobile networks have become foundational to the economy,” said CIRI Executive Director Randy Sandone. “A successful attack on one element of this infrastructure could be disastrous to the entire system.”

Mobile networks undergird many critical infrastructure systems, and when they go down, the impact can reach everything from financial services to transportation systems. Because of this structural snowball effect, protecting the nation’s mobile communication infrastructure means addressing potential security and resilience issues in a holistic way: not only tackling the problem in one area of mobile technology, but also connecting the dots between interdependent systems to secure foundational components of communication.

One major research effort involves the nation’s 9-1-1 system – formally known as the Public Safety Answering Point system – a system that is life-critical to every citizen of our country. Telephone Denial-of-Service (TDOS) attacks (which overwhelm a user’s phone with activity to prevent legitimate calls from getting through) have already put this system at risk and prove that threats to the existing system are very real. CIRI is conducting cybersecurity assessments and analyses of the 9-1-1 system to identify potential gaps in system security, best practices, and training. CIRI will use broadly adopted industry standards, such as those published by the National Institute of Standards and Technology (NIST), as the benchmark for its assessments.

“We believe that establishing clear cybersecurity guidelines and best practices to the Public Safety Answering Points will enhance their cybersecurity posture, therefore increasing the resiliency of the life-critical 9-1-1 system,” said Elaina Buhs, CIRI research program manager.

The Wireless Emergency Alert system (WEA) is another critical component in the nation’s emergency response plan. This system allows the President to address the nation through mobile networks during a national emergency; however, these mobile networks are vulnerable to attacks through spoofing, data tampering, repudiation, and TDOS. These attacks could send out false information or prevent legitimate information from ever being received.

“Our work will involve understanding attack vectors and potential impacts to the WEA system in terms of severity and likelihood,” said Buhs. “We will also investigate potential solutions by investigating a variety of detection methods and testing them in real-world scenarios.”

Another attack vector is the mobile supply chain itself, especially as the new 5G network comes online.

“The 5G network has some elements that reduce current risks and some that add new risks,” according to CIRI research program manager Jose Alejandro Medina Cruz. “We plan to support research directly related to assessing the impacts of 5G on telecommunication supply chain risk.”

As a part of these efforts, CIRI also seeks to study the supply chain for the Internet of Things, which includes everything from a cellphone to a smart thermostat. CIRI researchers Nasir Memon and Quanyan Zhu are seeking to understand how a disruption in service on one digital device can cause a “snowball effect” on the entire supply chain. According to Memon, this cascading effect is particularly dangerous because of the scope of digital devices.

“Going forward, everything is becoming digital. Your car, refrigerator, and even your toothbrush may soon all be connected,” said Memon, a professor of computer science at New York University.

This interconnectivity, while convenient in many ways, also carries the potential for disaster. A critical component of securing these devices begins during manufacturing. A disreputable vendor represents a weak link in the IoT security supply chain. According to Zhu, untrustworthy suppliers may provide devices that come with backdoor channels that could be exploited by hackers to sabotage critical infrastructure systems. Such backdoors can open devices up to cybersecurity attacks and can also pose a life-or-death risk to those using devices such as self-driving vehicles and pacemakers. Zhu’s research takes a holistic approach, addressing the entire supply chain to improve the resilience of IoT-enabled devices.

This strategy aligns with CIRI’s overall mission, says Sandone: “CIRI aims to not only conduct research that addresses our nation’s great need to create more secure and resilient mobile infrastructure, but we also plan to develop tools to deploy these solutions to the marketplace.”