main logo
Account Login

National News Roundup – June 6, 2022

Monday, June 6, 2022

tyre pressure

Preparing for Physical Attacks on IT Systems

Onsite, in-person attacks on computer infrastructure rare but possible.

Most public agencies are aware of the rise in ransomware attacks on local governments’ information technology systems. These attacks typically occur when criminal hackers find or create a digital back door to enter and exploit a system remotely.

But what if the troublemakers are bold enough to enter the brick-and-mortar facility where your IT network is managed and controlled? What if they break in, insert malware, and flee before the police can arrive?

That question arose among cybersecurity experts after an alleged in-person attack was made on one of Ukraine’s main Internet Service Providers (ISP) by “terrorists from the Russian guard” in Kherson on May 13th. A Ukrainian government communications agency reported that the invaders disconnected the ISP’s entire system and threatened to destroy the equipment unless Stratus, the company that was attacked, agreed to connect to the Russian portion of the internet through a node in Russian-controlled Crimea. It may be the first time an IT network was physically attacked.

Dr. Herb Lin, a senior research scholar for cyber policy and security at Stanford University’s Hoover Institution, notes: “Physical security of cyber infrastructure has always been an important, if often neglected aspect of cybersecurity.” Lin adds: “Physical violence … as an element of cyberattack is another dimension of cyber conflict. … We need to start paying more attention to it.”

(Source: Lawfare)

Recent Shootings Serve as Stark Reminders

Agencies can review, practice sound protocols for active assailant incidents.

Law enforcement authorities and experts on active shooter incidents have been weighing in on the recent school shooting in Uvalde, Texas, and the decisions made by onsite police leaders and first responders. Nineteen children and two teachers died in the tragic incident.

It appears that the Texas responders, like many police departments and officers nationwide, participated in training and exercises on managing active assailant incidents.

Tragic events like these serve as stark reminders to review and practice established protocols and understand the challenges that arise in the event of real-life incidents that require law enforcement officers and officials to mount a response.

There are many questions regarding the Uvalde tragedy that demand answers. Those answers will likely be difficult and painful, but they will assist future decision makers to improve security and first responders to improve their response.

For more on active shooter best practices and the Incident Command System, please see the following resources:

Unified Command – Active Shooter – IACP

Active Shooter emergency action plan guide and template

Incident Response Guide: Active Shooter

Contact Us for More Information

The above news items are provided for informational purposes and are not intended to reflect MMRMA opinions, coverage, or risk management recommendations.

Note: MMRMA has long recognized the need for training member law enforcement officers in active shooter incidents, and has held numerous such courses over the years, most recently in May. Rescue Task Force training is also available for law enforcement, firefighters, and medics, where the separate disciplines meld as one team to engage the shooter and rescue the injured. MMRMA remains committed to providing members with these and other training opportunities and protocols. While we share with members the sincere hope that they will not face such an incident, these tools are available and can provide member departments and officers with additional resources to draw upon should the unfortunate need arise.

Please contact Membership Services if you have specific risk control questions or concerns.