The 911 systems provide a quick and reliable way for citizens to access emergency services, and it is one that is frequently used. It is estimated that 240 million calls are made to 911 annually. How much disruption would be caused if the service was hacked and went down?
Background to 911
In 1957 the National Association of Fire Chiefs recommended that there be a single nationwide number for fires. From then on AT&T worked with the federal government on how to implement this. It was eleven years later, in 1968, that AT&T announced that 911 would be the universal emergency number during a press conference in Washington DC. Just 35 days after this, the first 911 call was placed in Alabama. However, rolling the system out across the country was a slow and painful process, by 1979 only 25% of the US population was covered by 911 or a similar service.
There was pressure to implement a universal number service from the beginning. Many other countries had already implemented one, for example, the UK introduced their emergency number, 999, back in 1937; New Zealand rolled out theirs in 1957, and Australia followed suit in 1961. Back in 1967 firefighter Leonard Kershner, who was representing the International Association of Firefighters asked India rep Ed Roush why the US had higher fire deaths compared to other countries, Ed responded that it was due to response time.
Hacks on 911
The US has seen some recent hacks on the 911 dispatch system, highlighting the importance of security on a system so critical for so many Americans. In March 2018, Baltimore’s 911 dispatch system was hacked, with the breach lasting 17 hours. The hackers had targeted a server responsible for electronically capturing details of the calls. Authorities stated that the breach was limited and that the information was relayed manually. The city of Atlanta also experienced a huge ransomware attack in the same month that meant city officials could not turn on their computers. This meant that police officers had to document information manually, although 911 was not affected directly.
Cybersecurity company SecuLore Solutions released a report detailing that 184 cyber attacks had been carried out on public safety agencies between 2015 and 2017. Attacks on 911 accounted for almost one-quarter of these attacks.
The preferred type of attack is a DDoS attack. A distributed denial of service attack is where multiple compromised computer systems attack a target in which several compromised computer systems attack a target, for example, a server, website or network, causing a denial of service. This means that legitimate users can no longer gain access to the system.
It is clear that more needs to be done to safeguard emergency service systems against these types of attacks. While a massive attack has not been conducted, in many ways the dispatch system is vulnerable and a large scale attack could be just around the corner. These systems are life-critical systems and so their security should be taken very seriously.