Your session has expired.

Your authenticated session has expired due to inactivity. You can close this message and continue as a guest or log in again before proceeding.

Your reply has been posted successfully!

Entries » Blog » To patch or not to patch? Understanding the implications for LMR Systems. Author: Mick Palmer

To patch or not to patch? Understanding the implications for LMR Systems. Author: Mick Palmer

Created Sep 03 2015, 5:00 AM by Paul Jeffs

More and more often when users log into their personal devices, they are greeted with “New Security Updates Available…Install Updates Now.” Whether we realise it or not, security patching has become an integral part of our digital environment as a result of us always being connected to and highly dependant on electronic devices. Software vendors are constantly releasing patches to protect our personal and professional information from the more than 117,000 cyber attacks happening each day worldwide. What used to be a common best practice has become an industry tactic for survival.

In the case of enterprise IT and mission critical radio systems, the burden of security patching is exponentially higher. The frequency at which they are released exacerbates the issue to the point where keeping up with the patching cycle becomes an overwhelming endeavour. It quickly escalates into a full time task that commands devoted expertise and technological resources. These networks are imperative to daily operations, so the question of whether to patch or not to patch is not even up for debate. Everyone agrees on its importance, the challenge is how to do it best.

Industry research shows that system administrators are not keeping up with the patch cycle which is, in turn, putting systems at risk from malicious software that is designed to exploit these vulnerabilities. According to a study by the Center for Strategic and International Studies (CSIS) approximately 75% of all cyber security incidents exploited a vulnerability that already had a patch fix available. Recent research from Symantec on a coordinated attack aimed at the oil and gas industry pointed out that the hackers in this instance were not particularly advanced and exploited an old vulnerability using older malicious software (malware) that had been available through the cyber underground for some time. Hackers can rely more on inadequate patching, rather than their own ingenuity to develop new malicious tools.

When Land Mobile Radio (LMR) systems were based on circuit switched technology, the LMR system was considered a closed network. Those days are long gone. Today’s LMR system is at an optimal level of robustness due to its transition to an IP based environment. This changeover enabled the introduction of new features, interconnectivity to other IP based systems, use of standards based technology, and commercial off-the-shelf (COTS) hardware and software. In fact, from a fundamental standpoint, the differences between an LMR network and an IT network is simply the type of traffic traversing the system - predominantly voice on LMR and data on IT. However, the increase in COTS content borrowed from the IT industry and new interconnectivity has left the LMR system with the same security challenges - not previously experienced in traditional LMR - faced by IT system administrators. Therefore, keeping the LMR system patches current is now an imperative that cannot be ignored.

So, how hard is it to apply patches when they become available for the LMR system? We just accept the patches and move on, right? Not quite that easy unfortunately. First, the newest patches absolutely have to be tested in a sandbox environment before being deployed to the system. This is to ensure the fixes do not have a negative impact on highly sensitive, mission-critical operations. Software vendors are not privy to the mix of applications running on an LMR’s operating system (OS), the configuration used or the hardware they reside on. As a result, these vendors can not test all possible interactions.

patch test cadence.png

Pre-testing and deploying patches in a timely manner are the cornerstone of good security practice and go a long way to reducing overall risk. Motorola Solutions has dedicated test environments with LMR system engineers who pre-test all applicable security patches and provide simple deployment options to make patching as easy and painless as possible. We understand cybersecurity, and we have the expertise to meet all needs. We have over 300 customers worldwide we support today with patching and other security services.

To learn more about our what we are doing to secure LMR systems and how we can work with your team to patch and protect your mission critical systems, take a look at our Security Update Service.

MickPalmer.jpg

Mick Palmer is the Global Cybersecurity Services Manager at Motorola Solutions

Mick Palmer is on LinkedIn at https://www.linkedin.com/pub/michael-palmer/2/b24/374

LinkedIn-thank-you.jpg

Originally published in Fresh Ideas in Public Safety