For thirty-eight minutes, citizens and visitors of the island of Oahu, HI lived in a state of panic. Emergency broadcast systems sent the following message to cell phones across the island: “BALLISTIC MISSILE THREAT INBOUND TO HAWAII. SEEK IMMEDIATE SHELTER. THIS IS NOT A DRILL.”Although it was determined that this message was sent in error, the incident itself has left a community shaken and questioning the reliability of their local emergency alert systems. Over 5,000 calls were made to 911. Citizens received the alert but were frightened and did not know what to do. They were also confused and frustrated that it took so long be notified that the alert was sent in error.
For most public safety officials, this incident has caused them to inspect their own systems and practices. Many are forced to ask the following question: What would be the impact to our community if someone were to hack into our local emergency alert systems and distributed a similar emergency notice?
- How many calls would flood our 911 call center?
- Would there be a run on grocery stores?
- How would traffic and traffic accidents be impacted?
- Parents picking up children from elementary schools?
- People leaving town?
- What would be the impact on hospitals and emergency centers?
Someone wishing to cause such chaos only needs to find one vulnerability within agencies information management systems. The good news is that these systems can be protected as long as administrators know where and how to focus. By defining the current state of an agency and focusing on their Security Maturity (what they have done so far), a plan can be developed to gradually, within a definable budget, become much more secure. Security is a journey not a destination.
Solutions II has developed a brief security survey we use to help agencies quickly determine where they are vulnerable, rank remediation in order of importance and create a plan to reduce their exposure to threats regardless of where they come from. Don't be a part of thirty-eight minutes of panic!