When the Helpers Are Hacked: Public Safety Tech Faces New Threats

✍🏻 From the Editor’s Desk

This week, the breach at BK Technologies underlines a sobering truth: even niche, mission-critical firms aren’t immune. As discussions on AI, quantum resilience, and zero trust intensify, we should ask: are we still underestimating the attacker’s reach into “specialized” ecosystems?

🔎 Deep Brief

When the Helpers Are Hacked: BK Technologies Breach Raises Public Safety Alarms

BK Technologies, a U.S. maker of communication systems used by first responders and public safety agencies, confirmed a data breach on September 20. Attackers gained access to non-public data, including files tied to current and former employees. While day-to-day operations reportedly remained stable, the incident poses serious legal, reputational, and compliance risks.

According to public filings, insurance is expected to cover much of the investigation and recovery costs, but the full impact is still unfolding as inquiries continue.

Takeaway: This isn’t just another corporate breach. Adversaries are increasingly targeting the quieter players behind critical infrastructure: the vendors and tech providers that connect directly with emergency services and government systems. In an era where trust and continuity are everything, protecting these links in the public safety chain has never been more urgent.

🧠 Strategy in Action

Mobilicom to Debut Cybersecurity Suite for Drones and Robotics at AUSA 2025

Mobilicom, a leader in securing autonomous systems, is set to unveil its new ICE (Immunity, Cybersecurity, Encryption) suite at the AUSA 2025 exposition. The platform delivers multi-layered, autonomous protection against threats like jamming, man-in-the-middle attacks, and system exploits—all without operator input.

👉 Takeaway: As drones and robotics become central to defense and critical operations, they face unique cybersecurity challenges—limited power, weight, and latency leave little room for traditional defenses. Mobilicom’s mission-aware, lightweight approach illustrates how security-by-design must evolve to keep pace with the next generation of autonomous tech.

🕵️ Threat Actor Spotlight

Dire Wolf: emergent ransomware group with global reach

Dire Wolf is a ransomware group first spotted in May 2025. The group employs a classic double extortion model, encrypting data while threatening public release of exfiltrated content. To date, they have claimed 16 victims across 11 countries, with a focus on the manufacturing and technology sectors. Technical analysis shows their binary is written in Golang, enabling cross-platform deployment, and is initially packed with UPX to evade static detection.

Key traits

This group uses a mutex ("Global\direwolfAppMutex") to allow only one active instance, and before running it checks for prior encryption by looking for a marker file ("runfinish.exe" on C:).

Defensive advice 

To guard against groups like Dire Wolf, organizations should focus on layered detection and recovery strategies. Regularly test and isolate backups to prevent encryption spread, enforce strict privilege separation, and monitor for Golang-based binaries that may bypass traditional Windows-focused detections. Patch exposed services quickly, especially remote desktop and VPN endpoints. 
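The traits above (the mutex name, the marker file, UPX packing, a Go binary) can be combined into a first-pass static file triage. The sketch below is an added example, not part of the original newsletter or any vendor's tooling; the sample buffers are constructed, and the UPX and Go byte markers come from those tools' known output formats rather than from the page.

```python
"""Static triage for the Dire Wolf traits named above (added example)."""

# Indicators quoted in the text; the names below are this example's own.
MUTEX = r"Global\direwolfAppMutex"
MARKER = "runfinish.exe"
# Not from the page: UPX section names/header magic and Go toolchain markers.
UPX_MAGIC = (b"UPX0", b"UPX1", b"UPX!")
GO_MAGIC = (b"\xff Go buildinf:", b"Go build ID:")


def _contains(data: bytes, text: str) -> bool:
    """True if text occurs as ASCII or UTF-16LE, ignoring ASCII case."""
    haystack = data.lower()
    return any(text.encode(enc).lower() in haystack
               for enc in ("ascii", "utf-16-le"))


def triage(data: bytes) -> dict:
    """Classify one file's bytes; callers read the file themselves."""
    packed = any(m in data for m in UPX_MAGIC)
    go = any(m in data for m in GO_MAGIC)
    hits = [name for name, text in (("mutex", MUTEX), ("marker_file", MARKER))
            if _contains(data, text)]
    if hits:
        verdict = "match"
    elif packed:
        # Packed payloads hide their strings, so a clean scan proves nothing.
        verdict = "unpack-then-rescan"
    elif go:
        verdict = "go-binary-no-indicator"
    else:
        verdict = "no-indicator"
    return {"upx_packed": packed, "go_binary": go,
            "string_hits": hits, "verdict": verdict}


# Constructed sample buffers (not real malware) so the example runs offline.
SAMPLES = {
    "unpacked": b"MZ\xff Go buildinf:\x00" + MUTEX.encode() + b"\x00runfinish.exe",
    "wide": b"MZ" + MUTEX.encode("utf-16-le"),
    "packed": b"MZ" + b"UPX0\x00UPX1\x00" + bytes(range(200, 256)) + b"UPX!",
    "benign_go": b"MZ\xff Go buildinf:\x00hello",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, triage(blob))
```

The "unpack-then-rescan" verdict matters because a UPX-packed sample will not expose the mutex or marker strings until it is unpacked, so string matching alone would miss it.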

🛠️ Tool Check

Vulnerability Management Tools – A Comparison

Comparitech’s guide to Best Vulnerability Management Tools spotlights tools geared for scanning, prioritization, and remediation workflows. Here are the top ones.

  • NinjaOne Vulnerability Manager – A cloud-based system within NinjaOne’s RMM suite that automates patching to fix software vulnerabilities.

  • Invicti – Designed for development teams, it scans and secures in-house web applications before deployment.

  • Acunetix – Offers automated penetration testing and full vulnerability scanning as a cloud or on-premises solution for Windows, macOS, and Linux.

  • Intruder – A cloud platform providing regular vulnerability scans and risk reports for small and mid-sized organizations.

  • ManageEngine Vulnerability Manager Plus – Combines scanning and patch management to detect and fix weaknesses in Windows and Windows Server systems.

🗣️ Community Signal

"Now AI is already doing a lot of monitoring there for anomalies against benchmarks. But do you want to give AI the authority to cut the internet connection to shut down the system? Is it that bad of a problem? No, not yet. I want a human in there that quickly analyzes the AI data and says there is no need to shut down worldwide access. That is a horrific decision to make. But AI is going to do a lot of entry level.."

Shane Allen, an assistant professor of Information Systems and Technologies at Oklahoma State University, Oklahoma City.


Until next edition!