Ensuring FirstNet Security: Assessing Risks and Strengthening the Lifeline for First Responders

The FirstNet cellular network was established after the devastating events of 9/11 with the aim of providing a secure broadband network for public safety officials. It is used by emergency workers, firefighters, and law enforcement officers across the United States. However, according to a recent report, the country’s cybersecurity watchdog has no confidence in FirstNet’s security.

Concerns raised by US Senator Ron Wyden

US Senator Ron Wyden recently expressed his concerns over the security of the FirstNet cellular network in a letter to the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA). In his letter, Wyden cited a conversation he had with an anonymous CISA expert who stated that they had “no confidence” in the security of FirstNet. This is a worrying revelation, especially for a network that is relied upon by public safety officials.

Request for Internal Audits

Wyden’s letter also requested that FirstNet share its internal audits with CISA, NSA, and Congress. There is a pressing need for transparency when it comes to security audits, especially for a network that is responsible for public safety. Ensuring the security of the FirstNet network is crucial, and revealing its internal audits will help identify vulnerabilities and implement necessary security measures.

Significance of Signaling System No. 7 (SS7)

Experts have warned about the vulnerabilities of Signaling System No. 7 (SS7), a protocol used in the FirstNet cellular network. The protocol is easily exploitable, making it an attractive target for cyber attackers. With the constant evolution of cyber threats, it is vital that the vulnerabilities of the network are identified and addressed regularly. The lack of security around SS7 is concerning, and there is a pressing need to address these vulnerabilities to ensure the security of the FirstNet network.

Additional concerns raised by security experts

Mobile security researcher Gary Miller echoed Wyden’s concerns and said that there is a “very troubling” lack of transparency around audits. Trellix cybersecurity company executive Patrick Flynn agreed that it was reasonable for FirstNet to share its security information with the government. This points to the need for collaboration in addressing cybersecurity concerns and coming up with solutions that will keep public safety officials secure while using the FirstNet cellular network.

FirstNet Authority’s response

The FirstNet Authority, in a statement, has said that they have prioritized cybersecurity in their planning for the public safety broadband network. This statement is reassuring, considering the concerns raised by Senator Wyden and security experts. It is commendable that the FirstNet Authority has taken cybersecurity seriously, and there is hope that they will continue to make improvements in the future.

The security of the FirstNet cellular network is essential to ensure the safety of public safety officials who rely on it every day. The concerns raised by Senator Wyden and security experts should not be dismissed, and it is essential that FirstNet takes immediate action to address these issues. Collaboration and transparency are key in addressing cybersecurity concerns, and it is hoped that the FirstNet Authority will be more forthcoming with its internal audits in the future. The security and lives of public safety officials depend on it.

Explore more