Information Warfare: Decrypting the Cyber Threat for EMS Part 1
Former FBI Director Robert Mueller said that cyber-security threats could pose a bigger threat to the U.S. than what we typically think of as “terrorism.” He says there are two types of companies in the U.S., “those that have been hacked, and those that will be hacked.”
Even more ominously, he says those two types of companies are quickly merging into “those that have been hacked, and those that will be hacked again.”
With all this talk about cyber vulnerabilities and threats, just what exactly is the danger to our nation’s emergency medical providers?
I would venture to guess that most readers have probably said “how could this possibly impact me?” If you did, know you’re not alone. For a long time, I had a hard time wrapping my head around just how EMS could be impacted by this nebulous cyber threat.
It wasn’t until I started working on scenario development for a major cyber terrorism exercise that I came to realize just how vulnerable our emergency services are to cyber disruptions.
One reason it may be difficult to fully accept the concept of EMS being at risk of a cyber attack is the term “cyber terrorism.” The September 11 attacks and other events have embedded in our minds that terrorism should involve Hollywood-style explosions, chemicals, bullets or at least tangible carnage.
Cyber terrorism can take many forms. In fact, cyber terrorism occurs far more frequently than more traditional terrorism. However, since you can’t film it for the 6 o’clock news, it often goes unreported.
A better term for the purposes of raising your awareness of your risk would be cyber disruption or cyber intrusion.
This article is meant to raise the awareness of our EMS providers and to help them take steps to safeguard their operations and their patients. It is not meant to be a how-to guide for disrupting your systems. Nor is it meant to share any information that isn’t available through open source searches on the internet.
Understanding the whys of cyber disruption
To truly grasp the concept of cyber vulnerability, we have to understand the motivations for conducting cyber disruption. Cyber disruption can be conducted for many reasons. Among these motivating factors are:
- Warfare – Cyber disruption can be used as a tool of war. Just prior to the Russian invasion of Georgia in 2008, Russians attacked the Georgian military command and control systems to disrupt coordination.
- Terrorism – Cyber disruption can be a tool of terrorism by creating physical impacts that cause mass chaos, confusion and possibly casualties in an intended population.
- Loss of confidence – Cyber disruption is an excellent tool at the disposal of groups that wish to prove a point, particularly when that point is that the citizens of a particular community or country should not trust that their government or public safety agencies can keep them safe.
- Social awareness – Cyber disruption can be a tool to raise awareness for a particular cause.
- Financial gain – Cyber intrusion is often used to access personal protected information or the systems of financial institutions for the purposes of identity theft or financial gain.
- For the “lulz” – As much as it pains me to repeat the term “lulz”, cyber disruption is often carried out purely for the fun and sport of it.
Once we have examined the whys, we can look at the whos of cyber disruption. Among those out there looking to use cyberspace for nefarious purposes are:
- Nation states – Make no mistake about it, countries unfriendly to the U.S. are exploring how to use our own technology and technological dependency against us.
- Terrorist groups – Just as with nation states, terrorist groups are also exploring the possibility of using cyber attacks against the U.S. and its allies.
- Social activist, or “Hacktivist” groups – Social activists have been using cyber space to increase awareness for their causes for a long time. Along with raising awareness for social causes has come the radicalization of cyberspace, and the use of cyber attacks by certain groups to gain attention for themselves. In December of 2011, the hacker group Anonymous accessed the email accounts of several Arizona Department of Public Safety employees in protest of the state’s immigration laws.[1]
- “Script kiddies” – If I asked you to close your eyes and describe your vision of a “hacker”, you would probably describe an overweight, lonely high school student who is sitting in his mom’s basement and toying away on the computer trying to hack for fun in between puffs of his asthma inhaler and sips from his energy drink. Okay, maybe that’s just my vision. But “script kiddies” would be that type of hacker who is doing it for fun or just to see what they can do just to do it, and they tend to do it very well.
- Organized crime – Organized crime has long since realized the potential for cyber space as a means to facilitate identity theft, theft of corporate secrets, embezzlement and a litany of other criminal activities. Remember: criminal enterprise is not just organized crime. Individuals seeking personal gain could use cyber disruption or terrorism as a means to their desired ends.
- The insider threat – Fortunately for us, there is no such thing as a disgruntled employee in EMS… right? Why did it suddenly get quiet in here? Employees who have been terminated on bad terms, or even current employees on seemingly good terms can still present a threat if they have access to critical information or systems. Think for a moment what information someone could walk away with if they accessed your personnel or billing records.
As time progresses, so does the organization of these groups. Lonely hackers are beginning to join together in cyber groups. Social hacktivists are forming well-coordinated cyber armies. Nation states and terrorist groups are turning to the well established expertise of organized cyber criminal enterprises. With such progression, it is easy to see why agencies such as the FBI and the Pentagon are concerned with cyber terrorism.
Key Terms
- Cyber terrorism: Unlawful attacks and threats of attack against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives
- Cyber disruption: The use of cyber technology to disrupt essential functions or processes
- Cyber intrusion: An incident of unauthorized access to data or an automated information system
References
1. Hackers claim attack on Arizona public safety accounts. Federal News Radio, https://www.federalnewsradio.com/?nid=244&sid=2687842.
Devin Kerins is the regional exercise officer for FEMA Region II. In this role, he has helped develop and conduct cyber-terrorism exercises in New York, New Jersey, Puerto Rico and the U.S. Virgin Islands, as well as assisting in the development of cyber exercises nationwide. He is a part-time paramedic with Holy Name Hospital in Teaneck, NJ. Devin is also the author of several books, including the “EMS: The Job of Your Life” series.