While cyberattacks are commonly associated with Internet Protocol (IP) networks, the land-mobile-radio (LMR) sector must urgently recognize that its critical, voice-centric systems are far from immune to such threats, according to Mission Critical Partners’ wireless technologies manager, Nick Falgiatore.

Speaking during the IWCE 2025 session, LMR Cybersecurity: It’s Time to Wake Up, Falgiatore stressed that a longstanding belief within the LMR community—that these systems are closed and therefore secure—is dangerously outdated.

“They’re not closed networks,” Falgiatore said. “LMR networks are just as vulnerable to cyber threats as any other IP-based system. In fact, they’re more at risk now than ever before.”

Historically, LMR systems were largely self-contained, with primary security concerns revolving around radio frequency (RF) interference, unauthorized access, or cloning of radios. These localized issues, while disruptive, typically didn’t pose long-term threats to overall network integrity.

“These challenges have always been part of the radio world,” Falgiatore explained. “They’re usually local, and while they can be a major nuisance, we have tools to manage them.”

However, the integration of IP-based technologies across LMR infrastructures—from core radio components to backhaul connections—has significantly widened the attack surface. Today, threats such as ransomware attacks can cause widespread system outages, with potentially catastrophic impacts on public safety communications.

“Cyberattacks now often originate from foreign actors, who can deploy malware that encrypts entire networks,” Falgiatore said. “Victims are then forced to pay a ransom in hopes of regaining access. This kind of scenario could render a public safety communications system completely unusable for an extended period.”

The adoption of remote access tools and centralized network management capabilities has brought efficiency gains—but also heightened risk. Falgiatore cited a real-world example where multiple unauthorized remote users accessed a client's radio management terminal using shared login credentials.

“Every remote session used the same standardized username and password,” he said. “The county had no idea who these users were or what they were doing. And this kind of situation is all too common across LMR systems today.”

While some radio vendors offer cybersecurity monitoring solutions, Falgiatore noted that these services are often limited in scope and cost-prohibitive for many public safety agencies. More importantly, they only alert stakeholders to a problem—they don’t provide a plan of action.

“Monitoring tools are only part of the solution,” he emphasized. “We need comprehensive cybersecurity strategies that include response and recovery plans. And right now, most agencies are dangerously underprepared in this regard.”

The gap isn’t just technological—it’s also educational. According to Falgiatore, many personnel responsible for managing LMR systems come from technical backgrounds rooted in radio operations, with little experience in IP networking or cybersecurity.

“These professionals are experts in maintaining radio equipment, but they often lack the foundational knowledge needed to defend modern networks,” he said. “We have a critical skills gap in the LMR industry. Understanding basic cybersecurity hygiene, implementing appropriate access controls, and holding vendors accountable for security standards—these are all essential steps that are being overlooked.”

In conclusion, Falgiatore urged the LMR community to act proactively before a major cyber incident forces change.

“Ask yourself: If your system was compromised tomorrow, do you have a plan to recover? Do your vendors?” he asked. “This is the kind of worst-case scenario we must work now to prevent—because once it happens, it may be too late.”

Original Source: View the Full Article