Cell phone towers are at the heart of the country’s 911 system, one which is vulnerable to attack, according to researchers in Israel. Fifteen years after the September 11 attacks on the U.S. comes the sobering news that the nation’s 911 system could potentially be hacked.
Researchers at Ben Gurion University in Israel say in a report they’ve shared with the U.S. Department of Homeland Security and the FBI they’ve simulated a telephone denial-of-service attack to disable a state’s 911 call centers, reports NDTV. In a Telephony Denial of Service (TDoS) attack, cell phones are infected with malware so they make fake 911 calls, clogging the phone lines and preventing legitimate calls from getting through.
It would take just 6,000 infected phones to disrupt a 911 system in a typical state and some 200,000 infected phones to disrupt 911 centers nationwide, according to the researchers. That’s because 911 call centers operate at near capacity on a given day and it doesn’t take much to overwhelm them by increasing call volume just a little bit, says Mordechai Guri, head of R&D at the university’s Cyber Security Center and chief scientist at Morphisec Endpoint Security.
National Emergency Number Association Government Affairs Director Trey Forgety says the group believes the potential for a TDoS attack is “far worse” than what the Israeli researchers believe.
Part of the vulnerability issue is each state operates its own 911 call centers; telecom providers or third-party contractors route the calls to the call centers. A router determines the landline caller’s location by consulting a database. The router can determine a mobile caller’s location from the device’s GPS chip or from the cell tower that picks up the call. Based on location, the router directs the call to the nearest Public Safety Answering Point.
Hackers could potentially infect cell phones with malware that allows them to control the device as well as overwhelm the call centers and their routers with repeated, fake calls. A carrier or 911 system could theoretically block the calls, however the researchers were able to create malware that causes the phones to transmit random IDs to cell towers — changing the ID with each call to circumvent blacklisting.
Many states rely on a single router in each county to process 911 calls; by overwhelming one device, hackers can affect several call centers. Research suggests states could employ more routers to ensure no one device becomes a choke point in an attack.