The New York City Fire Department (FDNY) said it intends to build a digital firewall to protect the city’s rescue workers from cyber-attacks.
The request was published in the City Record and called for consultant services “for the development and implementation of protective strategies to address the cyber-threat of doxxing and to provide resiliency for the security of personal information.”
These include anti-hack software and the development of a training program targeting agents that regularly interact with the public.
“The service should provide real time threat mitigation and recovery capabilities in the event of access to and misappropriation of personally identifiable data during the course of official duties as a member of the FDNY,” the request reads.
According to the New York Post, who spoke with FDNY spokesman Frank Dwyer, the move was not motivated by a particular attack against one of the rescue workers but to protect the department’s database.
From an organizational standpoint, the FDNY department database currently includes the personal information of over 15,000 emergency responders and other workers, together with retirees and patient data.
Those records are typically shared with hospitals, health insurers and the federal Medicare system to allow the FDNY to submit reimbursement for a range of medical supplies and patient transport expenses.
Since data-in-transit is also usually more vulnerable than data-at-rest, the creation of a more reliable cybersecurity infrastructure could substantially aid in its safeguard against malicious actors.
The proposal comes at a time of increased cyber-attacks, including doxxing, against law enforcement agents, particularly after the police killing of George Floyd in Minneapolis in 2020.
On an adjacent note, the New York State’s Joint Commission on Public Ethics (JCOPE) was forced to temporarily halt its systems in March following a “deliberate malicious cyber-attack.”
A month before that, the New York State said it was creating a Joint Security Operations Center (JSOC) to centralize its cyber-defenses.