U.S. Emergency Phone System ‘911’ Can Be Easily Hacked
In a report published on Friday, researchers at Israel’s Ben-Gurion University warned that hackers can compromise emergency services like 911 across entire states and potentially entire countries due to the vulnerability that affects the way emergency calls are handled.
911 is a famous emergency phone system established in 1968 for the purpose of routing calls as quickly as possible to the nearest emergency responder.
According to the research group’s findings, it was possible to hack this system and disable it within an entire state for a prolonged time span through a simple Telephone Denial of Service (TDoS) attack.
A malicious hacker using this strategy could “infect” mobile phones, creating enough fake 911 calls to clog call centers queues, and keep authentic callers in emergencies from reaching a dispatcher or operator. In order for a hacker to wage an attack capable of crippling emergency services for an entire state the size of North Carolina, only about 6,000 smartphones would need to be infected with malware. Similarly, about 200,000 smartphones would have to be infected to disable the entire nation’s 911 phone system.
“Under these circumstances, an attacker can cause 33 percent of the nation’s legitimate callers to give up in reaching 911,” the researchers wrote in a paper they recently passed to the Department of Homeland Security (DHS) and also made public yesterday.
The chances of 911 systems becoming compromised is hardly slight considering the ubiquity of smartphones as well as how easily they can be hacked, the researchers wrote in their paper.
“We believe the researchers have accurately characterized the problem” with the 911 system, Trey Forgety, the director of government affairs for the National Emergency Number Association, told The Washington Post on Friday upon reading the report.
“We actually believe that the vulnerability is in fact worse than [the researchers] have calculated,” he said.
Source: The Washington Post