October is the month to think about all things spooky and scary so we thought we'd share our thoughts on the scariest public safety scenarios that keep us up at night. From our perspective, the nightmare scenarios involve the City being taken hostage, either virtually or physically.
Imagine a ransomware cyberattack that travels across the City's networks, holding all data hostage until the ransom is paid. Even worse, imagine a complex coordinated terror attack where multiple targets are attacked simultaneously, creating city-wide chaos and hindering the City's ability to respond.
The good news is that Los Angeles is meeting these threats head on with innovative and practical solutions. Mayor Garcetti's administration has prioritized cyber security with several initiatives that are the first of their kind in the county. When it comes to public safety response and coordination among agencies, the Los Angeles region is often looked to as one of the best in the nation. That coordination is essential for thwarting and responding to sophisticated, simultaneous attacks on multiple targets. We will spare you any tired trick or treat metaphors and jump into the specifics.
Cyber Attacks: Ransomware
October is National Cybersecurity Awareness month -- created to raise awareness and ensure people have the resources to be safe and secure online. For the past decade the most prevalent type of cybercrime was intellectual property theft. Attackers would rob people or companies of their ideas, inventions, and creative expressions, including patents, copyrights and trade secrets.
However, 2014-2015 ushered in the era of ransomware attacks, a new battlefront for hackers. Ransomware is a range of malicious software that will pervade your computer or IT system and encrypt anything the infected machine is linked to, including external drives and data backups. As described in a recent New York Times article, "ransomware is different because it does not destroy data or equipment. It simply locks it up, making it inaccessible without a complex numeric key that is provided only to those who pay the ransom."
The past year saw a dramatic uptick in reported ransomware attacks. In July, the US Conference of Mayors confirmed 22 ransomware attacks on city, county, and state governments in the first six months of 2019. Why the increase? Some experts point to the rise of cryptocurrencies such as Bitcoin and Merano. Cryptocurrency transactions are completely anonymous and highly secure; attackers demanding to be paid in cryptocurrency ensure the financial transaction is virtually untraceable.
So how do we defend ourselves? Besides sharing preventative tips -- such as do not open emails from senders you don't recognize and back up all your data -- the Department of Homeland Security and FBI have struggled with how to assist victims. But on the local level, the City of Los Angles is taking proactive measures.
In 2014, Mayor Garcetti unveiled a state-of-the-art Cyber Intrusion Command Center which operates 24/7 to monitor cyberthreats facing the Los Angeles area. Then in 2017 the Mayor launched the LA Cyber Lab, a cooperative network created to disseminate information and intelligence based on analysis of more than one billion security-related events and over four million attempted intrusions into City networks per day.
Most recently in September 2019, the Mayor announced the Threat Intelligence Sharing Platform. The platform, developed in partnership with IBM, collects cyber threats from city agencies and private businesses who have opted to participate, analyzes the data and generates threat intelligence and trend analysis for all members, including smaller sized business who might not be able track these trends on their own.
Los Angeles is one of the first cities in the nation to share its cyber threat data with the public. This is an important step forward because too frequently companies and organizations that have been hacked don't release the information for fear of brand and reputational damage. By providing timely notifications regarding specific threats, the Mayor's office might give local companies the crucial few hours they need to run that virus check and install the latest security updates.
Terror Attacks: Complex Coordinated Attacks
FEMA defines a complex coordinated terror attack (CCTA) as an act of terrorism that involves synchronized and independent team(s) at multiple locations, initiated with little or no warning, and employing one or more weapon systems: firearms, explosives, fire as a weapon, and other nontraditional attack methodologies that are intended to result in large numbers of casualties. The attacks in Mumbai in 2008 and in Paris in 2015 are recent examples.
The coordinated attacks in Paris on November 13 left 130 people dead and hundreds wounded. The attackers targeted a soccer stadium, bars and restaurants and a concert hall -- all venues they knew would be crowded on a Friday evening. Simultaneous attacks with multiple crime scenes require a nimble response from a security force trained in crisis and counter-terrorism strategies. LAPD pioneered a tactical program known as MACTAC, Multiple Assault Counter-Terrorism Action Capabilities. MACTAC trains officers to spontaneously and effectively control various threats as quickly as possible and fosters prompt, cooperative training and response among multiple agencies.
In January/February 2020, the City will conduct what is known in the industry as a Functional Exercise, in which they will simulate a complex coordinated terrorist attack on the City and test our ability to respond. These exercises work to ensure that the various agencies involved, including fire, police, emergency management, public health and transportation, know how to work together. These exercises also test the City's ability to communicate with the public as events unfold. Without official, timely updates the news and social media will fill the gap, often with inaccurate or misleading information which only further aggravates the chaos.
These exercises are incredibly complex to stage and expensive in terms of dedicated labor hours. Are they worth it? Absolutely. As we often hear in the field, "You don't rise to the occasion; you fall to your level of preparedness.”
Following the bombing at the Boston Marathon, the Harvard Kennedy School released a report sharing lessons learned and analyzing why the response in Boston had been so effective. Their primary finding was that the Boston region had trained and prepared for exactly such an event and they credited the multi-dimensional preparedness of the region. "Response organizations have undertaken detailed and careful planning for the many fixed events like the Marathon that are staged annually in the Boston area. They have seen to the development of both institutional and personal relationships among response organizations and their senior commanders, ensured the adoption of formal coordination practices, regularly held intra- and cross-organization drills and exercises, and generated experience during actual events."
As the City does its best to prepare for these nightmare scenarios let's do our part as Angelenos. The final recommendation from the Harvard Kennedy School report concluded: "Community resilience should be systematically developed and celebrated. In the face of the bombing, Boston showed strength, resilience, even defiance – and these were key drivers of the overall outcomes … that is, of ‘Boston Strong’.” We don't need a nightmare to be Los Angeles Strong.