911 Vulnerable To DDoS Attack

Last week Amarillo, Texas, also experienced an outage with its 911 system. In this instance, the huge volume of this traffic was accidental, although certainly not difficult for anyone with malicious intent to replicate in a DDoS attack; overloading the inbound call-taking capabilities of a center and staff, effectively taking them out of service. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS commented below.

Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS:

StephenGates_Professional“The combination of smartphone, specially designed malware, and E911 services are the ingredients needed to craft the textbook TDoS (Telephony Denial of Service) attack.  As a matter of fact, one of DHS’s recent initiatives is to address the vulnerabilities in E911 services and devise ways of protecting call centers from outages caused by malware infected smartphones repeatedly calling E911.  This activity effectively consumes all available voice lines at call centers and ends up blocking legitimate callers.  Citizens would likely be denied access to E911 services, regardless of the emergency at hand, when their local E911 call center comes under a TDoS attack.  Determining which phone calls are bogus and what calls are legitimate is no easy task for those trying to protect E911 from TDoS.”