Dedicated Broadband for MN Responders is now available

Good news from the press release…

DEDICATED BROADBAND FOR MINNESOTA RESPONDERS NOW AVAILABLE
Approved Contract Will Provide Priority and Preemption in Emergencies

ST PAUL – Minnesota’s law enforcement, fire and emergency medical services personnel and sovereign nations now have the opportunity to sign up for the dedicated nationwide public safety broadband network (NPSBN), known as FirstNet. The State of Minnesota finalized the contract with FirstNet and AT&T. The pair has partnered to build and deploy the network at no cost to taxpayers for 25 years.

FirstNet’s dedicated public safety network, devices and apps will allow first responders to send and receive mission-critical information without experiencing delays. Minnesota first responders currently use wireless networks that can become overwhelmed or lack coverage in rural areas, especially during emergencies.

“FirstNet offers priority, preemption and reliability during emergencies like the Interstate 35 bridge collapse or the recent refinery explosion in Superior, Wisconsin,” said Emergency Communication Networks Director Dana Wahlberg. “Duluth responders provided mutual aid to the refinery explosion and experienced congestion on the wireless network during the incident.”

In October 2017, Gov. Mark Dayton signed the agreement after the Department of Public Safety’s Emergency Communication Networks (ECN) division partnered with public safety stakeholders to draft Minnesota’s State Plan. ECN is coordinating with FirstNet and AT&T as they begin to build and develop a quality network across the state.

“By opening up this avenue for Minnesota’s public safety agencies to adopt FirstNet service, the State is ensuring that lifesaving technology quickly gets into the hands of first responders to help them save lives and protect communities,” said First Responder Network Authority CEO Mike Poth. “FirstNet is the only wireless communications platform for emergency response built with the feedback and input of Minnesota’s public safety community and we look forward to our continued partnership with the State as we deploy public safety’s network.”

It is up to each individual public agency and sovereign nation to determine if they want to subscribe to FirstNet. ECN has provided an online workbook to help agencies with project planning and considerations such as coverage, capacity and cost.

What is FirstNet?

FirstNet was created by the Middle Class Tax Relief and Job Creation Act of 2012 following a recommendation of the 9/11 Commission. Its mission is to create a dedicated public safety interoperable, nationwide mobile broadband network to enable continued communication during a disaster, emergency or large-scale event. The State of Minnesota initiated the FirstNet Consultation Project in January 2014. For more information on FirstNet, visit: www.firstnet.gov.

[FACT SHEET] Learn more about how FirstNet will help Minnesota first responders.

Klobuchar, Kennedy Introduce Bipartisan Privacy Legislation to Protect Consumers’ Online Data

From Senator Klobuchar’s website

April24, 2018

Legislation would increase transparency by strengthening disclosure requirements, ensure the right to control one’s own data by allowing people to opt out of data collection and tracking, and require notification of a privacy violation within 72 hours

WASHINGTON – U.S. Senators Amy Klobuchar (D-MN) and John Kennedy (R-LA) today announced privacy legislation that will protect consumers’ online data. Social media and other online platforms routinely capture users’ behavior and personal information, which is then used to help advertisers or other third parties target those users. The bipartisan legislation would require companies to make privacy disclosures clearer and more transparent, give consumers the right to control their own data by allowing people to opt-out of having their data collected, and require companies to notify consumers of a privacy violation within 72 hours.

Specifically, the legislation:

  • Requires terms of service agreements to be in plain language,
  • Ensures users have the ability to see what information about them has already been collected and shared,
  • Provides users greater access to and control over their data,
  • Gives consumers the right to opt-out and keep their information private by disabling data tracking and collection,
  • Mandates that users be notified of a privacy violation within 72 hours,
  • Offers remedies for users when a privacy violation occurs,
  • Requires that online platforms have a privacy program in place.

“Every day companies profit off of the data they’re collecting from Americans, yet leave consumers completely in the dark about how their personal information, online behavior, and private messages are being used.” Senator Klobuchar said. “Consumers should have the right to control their personal data and that means allowing them to opt out of having their data collected and tracked and alerting them within 72 hours when a privacy violation occurs and their personal information may be compromised. The digital space can’t keep operating like the Wild West at the expense of our privacy.”

“I don’t want to hurt Facebook, and I don’t want to regulate them half to death, either. But I have a job to do, and that’s protecting the rights and privacy of our citizens,” Senator Kennedy said. “Our bill gives consumers more control over their private data, requires user agreements to be written in plain English and requires companies to notify users of privacy violations. These are just simple steps that online platforms should have implemented in the first place.”

In October, Klobuchar introduced the Honest Ads Act with U.S. Senator Mark Warner (D-VA), Vice Chairman of the Select Committee on Intelligence, and U.S. Senator John McCain (R-AZ), Chairman of the Senate Committee on Armed Services, to help prevent foreign interference in future elections and improve the transparency of online political advertisements. Russia attempted to influence the 2016 presidential election by buying and placing political ads on platforms such as Facebook, Twitter and Google. The content and purchaser(s) of those online advertisements are a mystery to the public because of outdated laws that have failed to keep up with evolving technology. The Honest Ads Act would prevent foreign actors from influencing our elections by ensuring that political ads sold online are covered by the same rules as ads sold on TV, radio, and satellite.

 

Network Resiliency and Security Playbook for local government

Someone shared this with me, I wanted to pass it on. It’s from November 2017 – it’s a Network Resiliency and Security Playbook written to help local and state governments adopt best practices for preventing significant communications infrastructure failures and stopping or mitigating intrusions, hacking, and other disruptions of communications networks.

Intended audience…

The target audiences for this Playbook include information technology (IT) leaders and staff—the government employees who are responsible for implementing, operating, and maintaining IT systems—and the users of those government networks, including first responders. Because these audiences have a range of IT knowledge and expertise, this document includes high-level introductory information and links to useful background resources, as well as detailed technical descriptions of best practices.

Why you need it…

This Playbook addresses some of the key reasons that local and state government entities need to routinely include security and resiliency in their infrastructure development processes:

  • Local governments are attractive targets for cyber threats because they are often easy targets—especially those that do not have sufficient security resources and expertise

  • Local government networks can also be attractive targets in their own right, given their maintenance of sensitive data such as tax and voter rolls, contracts, procurements, traffic data, public-run utilities, etc.

  • Smaller governments often experience difficulty funding and staffing critical IT functions; as a result, those local governments might delay updating systems and applications, or even patching known issues, due to worry about proper functioning of legacy systems and risk of unintended impacts

  • Poor or inadequate segmentation of government networks can lead to large impacts from modest intrusion efforts

  • Local governments’ networks are increasingly interconnected with other systems, including those of other local governments, federal agencies, and private sector partners

  • Ransomware attacks make any target attractive regardless of size or sensitivity of data

  • Storms, floods, and other natural threats are a constant concern for any network, but especially for mission-critical public safety and government communications networks

If you’re still reading this may be a great tool for you!

New Year’s Resolution: Protect your Internet of Things

The Minneapolis Star Tribune ran an interesting article this week on cyber security and the Internet of things. The quick take is that the Internet of Things will make life so much more convenient but will also open us up for greater security risk. I think that’s the balance we have any time we use the Internet – for email, for web browsing, to buy anything. It’ makes life easier but riskier. The difference with the Internet of Things is that the risk more directly impacts our home and our bodies…

Consumers will soon become accustomed to conveniences such as starting a dishwasher from work, even though it’s hardly a necessity, said Ken Hoyme, a scientist with Minneapolis-based technology researchers Adventium Labs.

Small smart devices are “the weakest links” in a network, he said, whether it’s in a hospital or a home. For instance, he said computer worms can get into hospital systems through CAT scan machines with built-in browsers for automatic updates.

Breaking into an organization’s network could be as simple as exploiting out-of-date software on a smart thermostat to gain access to other connected systems, or simply changing the temperature settings to overheat a server room.

Hoyme said medical devices attached to the Internet could also be hacked, but that the dangers associated with not implanting a smart defibrillator far outweigh the likelihood of being the victim of a cyberattack. The University of Minnesota’s Technological Leadership Institute recently held a public forum on securing wireless medical devices against hacking.

If you’re looking for a short list for New Year’s Resolutions – you might at least consider how wide you want to balance convenience with security and privacy

Did you know you were a public hotspot hub for Comcast?

Here’s an ideological question – would you forgo personal privacy and security for the common good? If you could open up your home wireless router to others would you? I have certainly heard of people finding a way to share access with their neighbors since I’ve been in involved with ISPs. I remember in 1995, customers of MRNet found ways to connect their network through a dialup connection. (Can you imagine sharing a dialup connection now!) But the decision was always on the customer to share. Comcast has turned that around a little; according to CNN

Comcast has been swapping out customers’ old routers with new ones capable of doubling as public hotspots. So far, the company has turned 3 million home devices into public ones. By year’s end it plans to activate that feature on the other 5 million already installed.

Anyone with an Xfinity account can register their devices (laptop, tablet, phone) and the public network will always keep them registered — at a friend’s home, coffee shop or bus stop. No more asking for your cousin’s Wi-Fi network password.

And yes, this has been happening in Minnesota…

Comcast’s project that started in northern New Jersey has now spread to Boston, Chicago, Houston, Indianapolis, Minneapolis, Philadelphia, San Francisco, Seattle and elsewhere.

They say they have found ways to make it secure for the end user and to make sure added usage does not hinder speeds. All good developments – but to me the hiccup is doing it without informed consent. I assume customers have signed something (no one waking more eloquently about usage agreements that John Oliver on acceptable use) but according to the article, only one percent have opted out, which tells me most folks haven’t realized this was happening.

So two questions – should an ISP have permission/ability/right to open up the network in this way? Second – will they be opening up the technology to make this possible to others? So can a community looking to expand broadband learn any tricks? And a while back there was some pressure on coffee shops and others who offer public WiFi, often through “home” type connections to upgrade to commercial Hot Spot services – does this help those businesses offer public hot spots more easily and within the boundaries of their contract.

PSA on Security, Privacy and the Internet

It’s not often that I stand on a soapbox – and admittedly my life is kind of an open book online – but I thought the video below was worth sharing.

My intent is not to scare people away from using the Internet but just to be wise in the information they share. A recent report indicates that people aren’t very careful…

A new study by Amdocs Ltd. shows consumers are willing to barter personal data for service discounts, higher broadband speeds and priority customer service. The survey found that 57 percent of respondents said they would exchange data on Facebook friends, family members, and locations in return for a better service deal.

Last week I saw an interesting TED University talk by Jennifer Healey on personal ownership of our digital footprint. She chastised the privacy policies that no one reads pointing out that we are giving out a lot of information about ourselves for very little in return. Part of the problem is that right now access to personal digital information is an all or nothing proposition. There are times when you might be OK with sharing your personal data (from buying history to contacts) when the return is worthwhile – but access to the latest game app might not be it.

People need the power to be able to manage and negotiate with their own personal, digital data. There ought to be a better way – but in the meantime be prudent in the information you share and the access you give to various websites and apps in exchange for using their tools.

Is your community ready for a cyber attack?

Sometimes I lie awake at night and worry about what would happen if the Internet stopped working. How would I get work done? How would I communicate? How would the bank handle my money? Yet, I don’t have the best passwords. I suspect my firewall would be pretty easy to hack. Thanks to FourSquare I leave a digital footprint everywhere I go. I’m terrible about backing up anything. I’m all worry, no action. That makes me worry even more that everyone is like me. We worry about security late at night but we lapse into convenience in the light of day. Was US Bank like me?

The US Bank website was attacked last week. The Minneapolis/St Paul Business Journal (and others) reports that it was a denial of service attack…

The attacks flooded bank websites with 10 to 20 times more Internet traffic than the usual DOS attack. And even though the still-unidentified group behind the attacks announced its targets days ahead of time, banks were unable to cope with them.

So why weren’t they ready? I don’t know and I don’t want to pick on US Bank (they weren’t the only bank hit), but last spring I attended a National Security Conference at the U of M and one of the themes that came up was that human dynamics may be the weakest link in security these days…

Security often comes down to human error – or maybe human weakness. People open links they shouldn’t, download software they shouldn’t, transmit info via insecure wires networks. Sometimes that’s because people can be gullible; sometimes that’s because hackers can be good and persistent. Administrators don’t keep up on updates or take the time to shut all security doors and windows.

My worry was deepened last summer at TED Global, where we heard about groups who are looking to wreak havoc on security just because they can and where Marc Goodman from Future Crimes Institute, painted a very bleak picture of cyber security.

Marc Goodman did offer one ray of hope

Technology, he says, is affording exponentially growing power to non-state actors and rogue players, with significant consequences for our common global security. How to respond to these threats? The crime-fighting solution might just lie in crowdsourcing.

This fits in well with another TED speaker, Navy Admiral James Stavridis, who spoke of the need to build bridges, not walls. But part of crowdsourcing, part of building bridges is convincing more people that these topics are worth their time and consideration.

So back to my original question – Is your community ready for a cyber attack? If you don’t know the answer, who does? I’m hoping to find out more about who knows and how I can spread the word at the Cyber Security Summit next week (Oct 9-10). I’ll post my notes – but what I have picked up from previous cyber security conferences is that our greatest weakness is our potential strength – people! So I’d encourage others to attend.