Compliance Management, Critical Infrastructure Security

Annual cyber audit of US emergency response system sought

The Cybersecurity and Infrastructure Security Agency and the National Security Agency have been urged by Sen. Ron Wyden, D-Ore., to conduct an annual cybersecurity audit of the FirstNet phone network for emergency responders following the discovery of vulnerabilities in the Signaling System No. 7 protocol, which could be exploited to facilitate location tracking, call recording, and text message compromise, The Register reports. "These security flaws are also a national security issue, particularly if foreign governments can exploit these flaws to target US government personnel," said Wyden in a letter to both agencies. FirstNet contractor AT&T was also noted by Wyden to have refused to share audits of the network with CISA, NSA, and Congress, which is "simply unacceptable." "As the lead agencies responsible for the government's cybersecurity, CISA and NSA need to have access to all relevant information regarding the cybersecurity of FirstNet, and Congress needs this information to conduct oversight," Wyden said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.