911 Take Downs and Making the Case for Securing Government Contact Centers
By: Orhan Yildirim
In the U.S., 911 emergency contact centers are fundamental to the safety of millions of Americans, and when they are taken hostage by adversaries, lives can be lost.
America’s emergency-response networks remain dangerously vulnerable to criminals who can make millions of dollars or advance their political agendas by shutting down the country’s critical infrastructure.
In 2018, for example, Baltimore’s 911 system was compromised, heightening awareness of the vulnerabilities and consequences.
Before that attack, there were nearly 200 cyberattacks on public safety agencies and local governments in a two-year period, according to the cybersecurity firm SecuLore Solutions. That includes Atlanta, which was attacked a few days before Baltimore, scrambling the operations of many agencies (but not the 911 system).
This is how 911 works: when someone dials for help, typically from a mobile phone, the call gets routed from a cell tower to a 911 center, where an agent answers the phone and gathers basic information. The agent enters that information into a computer system, where a dispatcher picks it up and coordinates a response from firefighters, police officers or ambulances.
The consequences of taking down these first responder contact centers are real and devastating. For example, a July 2017 investigation by Scripps News on the vulnerabilities of 911 systems noted the case of a 6-month-old Dallas baby who died after his babysitter’s 911 calls were delayed during an apparent denial-of-service attack.
In 2020, COVID-19 further drove surges of calls into 911 centers, as record numbers of people became ill and required emergency care on the spot, or transport to hospitals. On top of the pandemic, civic unrest grew, causing additional volumes of calls, as peaceful protests across America’s cities sometimes grew violent.
Contact center agents and managers have been overwhelmed since March, working 12- to 18-hour shifts, and adversaries have unfortunately seen this as a perfect context for attacks.
Managing security – including which individuals have access to which systems – is still often done manually, and this is unsustainable.
Bringing automation and intelligence to ensuring access to personal and private information, and access to network systems and software applications, is more than an “insurance policy” – it is an urgent requirement, as government contact centers continue to try to adapt to the “next normal” even as they must serve communities in real time.
Keep in mind that, like non-government contact centers, government contact centers had to move tens of thousands of contact center agents, managers, and operations staff to their homes and away from their traditional, secure facilities. This was a massive undertaking during a time when the demand for citizen services skyrocketed.
Demand was especially high at the Centers for Disease Control and Prevention. Maximus, a major government contractor in the contact center space, reported that calls to the CDC increased 100-fold, forcing the CDC to hire many more than the 50 agents they had in place prior to the pandemic – in fact 600 remote contact center staff who worked via the cloud.
The Maximus IT help desk had to ensure the agents had not only the proper equipment but also the appropriate customer service software required to securely field calls, so that secure conversations could take place without privacy concerns.
Imagine authenticating 10X more agents within a matter of weeks to handle call volume surges and setting them up from home. This is a cybersecurity challenge unlike any we’ve seen – and the challenges continue.
And while contact center software and policies (including agents not being allowed to bring pen and paper to their desks, to avoid recording private data and sensitive information) protect contact centers and their customers, or in the government’s case citizens, the number of IT professionals and managers who require access to databases and assets is also rising and must be accounted for.
The GSA and the Office of Management and Budget in the U.S., prior to the pandemic, touted the importance of contact centers with nine agency partnerships, and rapid contracting for call center services through Deloitte Consulting, Digital Management, HighPoint Digital, ICF Incorporated, McKinsey & Company, and Slalom.
The pandemic certainly taxed these enterprises supporting government contact centers in the U.S., and the good news is that these digital firms understand the entire “security stack” and the importance of Privileged Access Management (PAM) and Privileged Task Automation (PTA) to keep control of who has access to what, and where, and at what time of the day.
911 is only one of many types of government contact centers. For example, the Veterans Affairs Department ramped up telehealth capabilities tenfold, delivering more than 100,000 telehealth visits in May for veterans. Courts across the nation increased the use of video-conferencing tools for “telejustice.”
All this had to happen fast – we had no choice. And in exchange for speed, policies including HIPAA compliance for telemedicine applications were greatly relaxed. As we now come out of this challenging year, and head into 2021 with more experience and capacity to deal with future crises, IT leaders are taking a fresh look at what is required in their architecture to secure everything, while serving every citizen.
PAM and PTA are pillars of advanced systems security, and given the high stakes and high cost of attempting to secure access manually, the ROI associated with automating everything, from secure passwords and multifactor authentication to the use of notifications, alerts and automation that can sense and shut down accounts if malicious activity is suspected, is stunning.
The risk associated with not dealing with new challenges in a new and increasingly digital world of citizen engagement is huge, but with the right solution, it can be expertly managed.