America’s people centric and globally popular emergency helpline number 911 has been found to be easily vulnerable to Distributed Denial of Service or DDoS attacks. Mordechai Guri, Yisroel Mirsky, Yuval Elovici, researchers at the Cyber Security Research Centre of Ben Gurion University have revealed the threat in thoroughly researched paper which was published on 9th September, 2016.ddosattack-911

Interestingly, the threat of attack has previously been issued by Department of Homeland Security as well as the FBI.

What alarms us is the fact that this attack need not be highly sophisticated and prevention of 911 service in any state can be managed with only 6K bots. In monetary terms, hardware worth $100 thousand can damage the life of millions natives for unknown number of days.

Instituted in 1968 as the universal number for emergency helpline, 9-1-1 is at the centre of Wireless Communications and Public Safety Act. 911 services are amongst the most critical services among the 16 critical infrastructure sectors of the USA.

9-1-1 uses the Enhanced 911 or the E911 technology, which aids in giving quick response as well as decodes the location of the caller. This technology, unfortunately, is severely flawed in terms of infrastructure safety.

The researchers report that infrastructure of 911 helpline is wide open for anyone to access it. It is designed in such a manner that all calls to 9-1-1 are transmitted to Public Safety Answering Point (PSAP). This transmission does not follow any process for validation of number, which is indeed the main reason that system becomes vulnerable.

What is DDos Attack

In simplest terms, DDoS attacks are a hacking method to prevent the end users of a service to access it. Hence, the end users would always find the service to be in busy or unavailable status, irrespective of how free the service is. The frequency with which these attacks take place is very high and the user is devoid of any service. Further, these attacks can continue for a long time, thus shutting the whole system down.

When such an attack is targeted on an emergency helpline service, its maximum capacity to take calls would be reached and all those in need would be rendered helpless. Last time such an event took place was 9/11, when so many people reached 911, that it rendered the service stalled for a significant amount of time.

How DDoS Can Damage 911 Helpline

Out of all the calls that 9-1-1 gets, a wide majority comes from smart phones. Out of all the American population that owns a mobile phone, more than 60% have a smart phone. Smartphones, when infected by the malware would create a botnet (an organised system of bots controlled by its creator). Such malware are existent and can be found quite commonly.

The researchers used an Android Smartphone to install a similar malware and simulated an attack to see how does 9-1-1 respond. The results were shocking, as there seems no possible solution to avoid such attack. 

This botnet would be controlled by the attacker who has installed the malware. At an appropriate time, the attacker would signal the botnet to continuously call the 9-1-1 helpline service. When bombarded in large numbers, the PSAP would be at their highest capacity and service would be denied to the genuine users.

When the legitimate calls get barred, the situation can turn highly critical. Crime rates can surge and police and ambulance would find it difficult to track down people and places.

Further, it would be very difficult to craft an alternative system to cater emergencies. In brief, DDoS attack on 9-1-1 would create a chaotic and catastrophic situation, with a a very few options available to the authorities.

9-1-1 emergency helpline cannot be compromised at any moment of time. Irrespective of the day, occasion and hour, it has to give services to the citizens. The research is an eye opener for the government and cyber security forces to create stricter laws and implement mechanisms which strengthen the system’s security.

For anyone who intends to learn the risk, cause, research and process, they can access the research paper here.