Last week, the FCC adopted a Notice of Proposed Rulemaking proposing rules and policies that will extend the customer-proprietary network information obligations under Section 222 of the Communications Act.to providers of Broadband Internet Access Services. The proposed rules would create three tiers of customer approval with respect to service provider use and disclosures of CPNI and impose a series of technology-based best practices for wireline and mobile broadband service providers. The proposed rules are expected to elicit significant opposition from the major wireline and mobile broadband providers. Comments are due May 27 and Reply Comments are due June 27.
SCADA System Hacked
Last month, Verizon released its first Data Breach Digest, which provides details on select cyber investigations conducted by Verizon’s Research, Investigations, Solutions and Knowledge (RISK) Team. The report describes several cyber-attacks by a “hacktivist” group against an unnamed water utility’s Supervisory Control and Data Acquisition (SCADA) platform, which were discovered during an assessment of the utility’s networks and systems. According to the report, the SCADA platform- an AS/400 system- was used to control the water district’s valve and flow control as well as IT functions that stored customer and billing information. By exploiting vulnerabilities in the payment application web server, the hackers were able to manipulate the settings related to water flow and the amount of chemicals used to treat the water.
The National 911 Program has released an updated compilation of existing and planned standards for NG911 systems. Initially released in 2011 and updated annually, the report seeks to compile and track standards developed by a variety of organizations and ensure interoperability among public safety jurisdictions at all levels. The report states that national collaboration should be utilized to monitor IP-enabled 911 open standards; routing, prioritization and business rules; and to establish security controls to manage access to IP-enabled 911 systems, among other purposes.
Last week the FCC adopted an Order expanding the Lifeline program to provide support for stand-alone broadband service as well as bundled voice and data service packages. The Order also sets minimum standards for broadband speeds, establishes a third-party National Eligibility Verifier of subscriber eligibility, and sets a budget of $2.25 billion to allow for increased participation in the program.