• To anyone looking to acquire commercial radio programming software:

    Please do not make requests for copies of radio programming software which is sold (or was sold) by the manufacturer for any monetary value. All requests will be deleted and a forum infraction issued. Making a request such as this is attempting to engage in software piracy and this forum cannot be involved or associated with this activity. The same goes for any private transaction via Private Message. Even if you attempt to engage in this activity in PM's we will still enforce the forum rules. Your PM's are not private and the administration has the right to read them if there's a hint to criminal activity.

    If you are having trouble legally obtaining software please state so. We do not want any hurt feelings when your vague post is mistaken for a free request. It is YOUR responsibility to properly word your request.

    To obtain Motorola software see the Sticky in the Motorola forum.

    The various other vendors often permit their dealers to sell the software online (i.e., Kenwood). Please use Google or some other search engine to find a dealer that sells the software. Typically each series or individual radio requires its own software package. Often the Kenwood software is less than $100 so don't be a cheapskate; just purchase it.

    For M/A Com/Harris/GE, etc: there are two software packages that program all current and past radios. One package is for conventional programming and the other for trunked programming. The trunked package is in upwards of $2,500. The conventional package is more reasonable though is still several hundred dollars. The benefit is you do not need multiple versions for each radio (unlike Motorola).

    This is a large and very visible forum. We cannot jeopardize the ability to provide the RadioReference services by allowing this activity to occur. Please respect this.

Hackers take down county Harris P-25 Phase II system

KAA951

Member
Premium Subscriber
Joined
Sep 9, 2004
Messages
828
Location
Kansas
From news coverage, the multi-site P-25 phase II trunking system (which is only a few years old) will be down for at least a week while new components are installed. Any ideas what it would take for a hacker to physically damage a system like this? when we raised this issue with the engineers a few years ago, they said it was impossible for a hacker to take down a radio system…

 

mmckenna

I ♥ Ø
Joined
Jul 27, 2005
Messages
24,101
Location
I am a lineman for the county.
I haven't seen this hit any of the trade magazines/webs yet, but haven't really been looking close.

Unlikely RF hardware was damaged. More than likely servers or network equipment was compromised enough that it was easier to replace. Often someone will get in and encrypt all the data on the servers and then require payment to remove the encryption. They may have figured it was easier to just replace the compromised servers with new ones, rather than pay a ransom.

Since these systems are often IP based, all it takes is one IT guy forgetting to plug a hole in the network and someone will eventually find it.

New media rarely understands the technology involved, and tends to get things confused. I'd not take anything in the news story as gospel truth.
 

MTS2000des

5B2_BEE00 Czar
Joined
Jul 12, 2008
Messages
5,320
Location
Cobb County, GA Stadium Crime Zone
If one's P25 core is that exposed, then they have a serious issue. This is why these systems are typically on segregated and isolated WANs/private microwave backhaul, and any connections to the "outside world" is heavily guarded through border routers, hardware firewalls with tight security and auditing, and are closely monitored for any and all access attempts. Not familiar with L3H core hardware/software, but MSI systems are pretty robust and by default "locked down and out" to prevent this from happening. Someone has some explaining to do.
 

lenk911

Member
Joined
Feb 24, 2007
Messages
89
Location
St Paul, MN
I can guess what has happened. One of the biggest problems with modern day radio systems is using the same devices and interfaces as I-T. Most I-T people think they own and have free rein over RJ45s, mux and routers. Only 5% seem to have the expertise and common sense to stay away from public safety's radio IT system. You don't know how many foreign RJ45's I have pulled then went nose to nose with them. I wish the industry would have standardized on a RJ46XWYZ that is colored bright red!

BTW: The same 95% think I-T is exempt from all laws of physics especially lightning! Their point to point microwave has a special blessing with increased range/reliability that common carrier and public safety microwave lacks!
 

MTS2000des

5B2_BEE00 Czar
Joined
Jul 12, 2008
Messages
5,320
Location
Cobb County, GA Stadium Crime Zone
This is why the "IT Crowd" are banned contractually, physically and by policy from coming anywhere near my RNI and anything that does touch the CEN is monitored closely by our radio support team, MSI and the MSI shop. Only a controlled and monitored/audited small list have access to PRNM suite and other tools, and remote access requires many layers of security and is limited to a very few select people with a business need to have it.
 

KAA951

Member
Premium Subscriber
Joined
Sep 9, 2004
Messages
828
Location
Kansas
The irony is that this county is an “island” who refused to join the statewide radio system used by all of its neighbors- partially based on their distrust for the state systems security and reliability. Now, the state has come to their rescue, providing one of their mobile P-25 trunking sites and use of the state system while they recover.
 

chrismol1

P25 TruCking!
Joined
Mar 15, 2008
Messages
1,231
Do they use LTE or something? Is that how else the system would be open to the outside? I've noticed over the past years a few systems around here have started using APX NEXT LTE/WIFI and also started a contract with motorola for cyber security monitoring services and updates
 

mmckenna

I ♥ Ø
Joined
Jul 27, 2005
Messages
24,101
Location
I am a lineman for the county.
Do they use LTE or something? Is that how else the system would be open to the outside? I've noticed over the past years a few systems around here have started using APX NEXT LTE/WIFI and also started a contract with motorola for cyber security monitoring services and updates

I don't know about that system, but many new systems are using LTE and/or WiFi for improving coverage. Motorola SmartConnect, Harris BeON, Tait Axiom, etc.

Likely the issue here was that someone didn't properly secure the data network part of the system. Someone found it and did some damage. Not necessarily related to LTE or WiFi integration. Probably an unpatched router, or someone left a hole in the security.
 

RFI-EMI-GUY

Member
Joined
Dec 22, 2013
Messages
6,929
If one's P25 core is that exposed, then they have a serious issue. This is why these systems are typically on segregated and isolated WANs/private microwave backhaul, and any connections to the "outside world" is heavily guarded through border routers, hardware firewalls with tight security and auditing, and are closely monitored for any and all access attempts. Not familiar with L3H core hardware/software, but MSI systems are pretty robust and by default "locked down and out" to prevent this from happening. Someone has some explaining to do.
Motorola was pushing CORE on a cloud subscription service a while back. I dont know if that got traction, but I was very leery of that proposal.
 

eorange

♦RF Damaged Member♦
Joined
Aug 20, 2003
Messages
2,982
Location
Cleveland, OH
What made you leery? Done properly, Cloud can provide availability and resiliency far beyond any locally owned physical installation, as long as the business case fits.
 

mmckenna

I ♥ Ø
Joined
Jul 27, 2005
Messages
24,101
Location
I am a lineman for the county.
What made you leery? Done properly, Cloud can provide availability and resiliency far beyond any locally owned physical installation, as long as the business case fits.

Cloud = "Someone else's computer"

It's only as good as the network connection to the "cloud". For some rural areas, getting multiple connections to the internet that use physically diverse paths can be a challenge. And the agency doesn't always have control of what sort of network topology changes get made without their knowledge. Back a little over 10 years ago some fiber got cut next county over. That's when we discovered that ALL the carriers were using the exact same physical fiber cable for their services. Even "protect" circuits were just in a different buffer tube, same cable.

A good multi site system will have their own redundant paths between sites, often using different mediums (microwave, fiber, etc) giving multiple connections to the core. Some systems use redundant cores at different locations.

While cloud can work fine for some, many of us that have had the, uh, "experience" of working with Motorola know that it's just another way for them to force their own control over the radio system, and squeeze more money out of taxpayers.
 

KevinC

Other
Super Moderator
Joined
Jan 7, 2001
Messages
11,696
Location
Home
Since these systems are often IP based, all it takes is one IT guy forgetting to plug a hole in the network and someone will eventually find it.
I walked into a very large dispatch center one day to find the dispatchers surfing the web...that shouldn't be possible. Seems IT had reconfigured a router and gave the consoles access to the outside world. No time for finger pointing, just plug that hole.
 

chrismol1

P25 TruCking!
Joined
Mar 15, 2008
Messages
1,231
I walked into a very large dispatch center one day to find the dispatchers surfing the web...that shouldn't be possible. Seems IT had reconfigured a router and gave the consoles access to the outside world. No time for finger pointing, just plug that hole.
They use it around here all the time- truepeoplesearch etc to find numbers and possible further information on unknown calls
 

mmckenna

I ♥ Ø
Joined
Jul 27, 2005
Messages
24,101
Location
I am a lineman for the county.
My point was this thread is about a Harris system issue and has nothing to do with MSI. I'm not out to "prove" anything.
You are exactly right. My reply was directed at those that were mentioning Motorola. I wouldn't think Harris is any better.
Unfortunately I'm stuck within our IT group and get this IT crap splattered on me periodically. IT ≠ LMR and the two need to remain distant cousins. Cloud can be a good solution for some, but a bad solution for others.
 

mmckenna

I ♥ Ø
Joined
Jul 27, 2005
Messages
24,101
Location
I am a lineman for the county.
I walked into a very large dispatch center one day to find the dispatchers surfing the web...that shouldn't be possible. Seems IT had reconfigured a router and gave the consoles access to the outside world. No time for finger pointing, just plug that hole.

Our dispatchers have separate computers for that. Anything radio/911 related is buried behind firewalls, access control lists in routers, etc. Even then, it's dangerous. I wish it was airgapped, but that's difficult to do with modern systems.

Many years ago some well meaning IT person that runs the "automatic force feed updates to all computers on the network" decided that updating the radio console PC's to the latests/greatest windows version was a wise idea. Some network guy left that hole in the firewall open. Took about 2 hours to get everything restored and some very tense conversations with some IT individuals about not *^&#ing around with radio/911 stuff, no matter what their manager told them.
 
Top