Developed in Europe in the 1990s, Terrestrial Trunked Radio (TETRA) is a system for managing digital mobile communications for emergency services. The system serves as a standard for building critical Professional Mobile Radio (PMR) networks. But as technology evolves and new applications arise—such as the mass migration to IP protocols—these networks must contend with escalating cyberthreats.
PMR: critical communication networks
The PMR networks that we’re referring to here have a very simple definition: they are the networks that must keep going when everything else is going wrong. Their primary users are emergency services, such as firefighters, ambulances, hospitals, doctors, the police and airports. These services must be able to communicate, either internally or with each other, as part of a joint operation led by a prefecture or government task force.
These types of networks are also found in sensitive industrial infrastructures, such as refineries. “The common denominator is the major issue of public security”, explains Dominique Allietta, Stormshield Project Manager. “It may have something to do with an emergency, such as a bus crash, or with the ability to communicate in places where public infrastructure doesn’t even exist, such as an offshore platform”, he adds.
As such, PMR networks are used in any situation that carries a risk for human safety—from the transportation sector (metros, trains, etc.) to entertainment venues (amusement parks, stadiums, etc.). In such a situation, relying on a defective telephone antenna would be unsafe and ineffective. PMR networks may be deployed permanently or temporarily, e.g. for a special event. Service continuity is therefore critical for these networks. For example, the PMR system used by the Belgian police force, which is run by an entity known as Astrid, found itself completely overwhelmed during the Brussels terror attacks in March 2016. At the time, the size of the infrastructure wasn’t designed to absorb the spike in activity caused by this exceptional situation. In order to conduct rescue operations, they were forced to communicate via the Whatsapp application.
Another feature that sets these networks apart is that confidentiality of communications is more critical for them than for other networks. The information exchanged via these networks is sometimes subject to the kind of clearance levels seen in the defence industry, meaning that more stringent operational requirements are needed. “The challenges therefore have as much to do with stability of communication as they do with maintaining the integrity of the information transmitted”, notes Dominique Allietta.
Novel applications that increase cyber risks
Little by little, PMR networks are migrating to more modern and efficient architectures that rely on the IP protocol. This trend exposes next-generation PMR networks to “classic” cyber risks (data manipulation, breaches, leaks, etc.). It is therefore essential to strengthen authentication and encryption.
Integrating the much more standard IP protocol creates new vulnerabilitiesDominique Allietta, Stormshield Project Manager
At the same time, several other factors have further eroded their defences over the last few years:
- Application data
In addition to voice and low bit-rate data, such as SMSs or geolocation data, PMR users need to exchange photos and videos or use applications. This allows for more effective organisation when managing a crisis.
- The development of hybrid solutions
In order to meet these emerging needs, current solutions have incorporated PMR networks into high-speed communication solutions on commercial networks (i.e. 4G, and soon 5G).
“We need to ensure that all of these actors can securely communicate with each other, including OESs and municipal police forces, for example. As the Olympics approach, this aspect is not only crucial, but must also contend with the extraordinary scale of the event and the thousands of professionals who will be involved in security”, explains Eric Davalo, Head of Strategic Development at Airbus Secure Land Communications, in an article in a French magazine. At the 2008 Olympics, “80,000 first responders were using the PMR network at the time.”
How can we protect PMR networks in this context?
As it turns out, then, protecting PMR networks is no simple matter. In order to reach a PMR network from a simple IT network, you need more advanced resources than what traditional pirates use. As a result, there is a higher risk of sophisticated attacks. It is possible, for example, to intercept and alter data travelling via the PMR network, and thereby provide false information.
As such, organisations or businesses that use PMR networks may be classified as Operators of Essential Services (OESs) in the EU, requiring them to use certified or qualified security products.
While PMR services on 4G networks are still being standardised, 5G is practically there, ready to become the standard for commercial applications. To stay in the game, then, every actor (operators and customers alike) will need to be on the same page when it comes to the future of these infrastructures—as well as the technological advancements that could increase the capacity of these networks. For example, at higher speeds, there is likely to be a greater amount of critical information flowing through these systems, making it even more critical than it is today. “Anticipate” and “secure” will be the watchwords for ensuring these new technologies do not introduce any new weaknesses.