The 911 Call Centers have become a symbol of rescue and hope. But in recent months, that very symbol of safety is under attack in such cities such as Baltimore, Atlanta and Seattle. Ransomware and denial-of-service attacks are targeting these 911 centers, forcing some cities to “write down” emergency calls — pushing the system back 50 years or so.
According to NBC News, there have been 184 attacks on 911 call centers and other local government and safety agencies in the past 24 months. In Atlanta for instance, officials are still working out how a 10-day ransomware attack on municipal computer systems hit at least 5 out of 13 departments, knocking out some city services and forcing others to revert to paper records, according to Gizmodo.
In Atlanta, the ransom amount was $51,000 and hackers had encrypted large portions of the city’s computer system.
The FBI and other agencies are assisting Atlanta. The FBI discourages victims of ransomware from paying the ransom. Authorities feel paying the ransom will encourage others to launch similar attacks and paying the ransom does not guarantee your files will be unlocked.
How can this happen?
Unfortunately, there are no easy answers.
The news is rife with organizations from Fortune 100 companies with deep pockets dedicated to network security to major healthcare institutions being targeted by ransomware and other cybercrimes.
According to the Cisco 2018 Annual Cybersecurity report, there was an elevenfold increase in malware in 2017, which included the global attacks of Petya and WannaCry.
Attacks on the 911 call centers are nothing new. In 2014, Wired magazine tried to understand the vulnerabilities of the system and interviewed two medical doctors and a security expert – all of whom are also white-hat hackers. The article stated this trio was “…concerned about the security of the address databases, populated by subscriber information from telecoms, that first responders rely on to locate victims. If a hacker could obtain access to the databases, he could alter or delete critical information that could prevent help from arriving on time.”
Wired also identified “SWATing” as another threat to 911 and emergency operation centers. This involves phoning emergency organizations like 911 and using a spoofed phone number or caller ID to make fake reports of a home invasion or hostage threat, sending police to the address of an enemy or other targets.
Wired reported that a 12-year-old boy was able to convince SWAT teams to check out the homes of Ashton Kutcher and Justin Bieber with such methods. A serial swatter in Los Angeles even got police to lock down an elementary school while officers went in search for a gunman who didn’t exist.
In 2016, Fast Company conducted their analysis of the vulnerabilities of the 911 call center shortly after Arizona was hit by a denial-of-service attack in October of that year. Denial of Service attacks occur when a hacker floods websites with traffic from hijacked computers. Smartphones can also be hijacked and the attacker can direct them to inundate a particular site or phone number with traffic, effectively taking it offline.
According to Fast Company, “…if an attacker can manage to tie up all the available connections with malicious traffic, no legitimate information–like regular people browsing a website, or calling 911 in a real emergency–can make it through.”
Fast Company also writes that “These sorts of attacks could, potentially, be made less effective if malicious calls were identified and blocked at the moment they were placed. A defense system could be set up to identify 911 calls coming from a particular phone that has made more than a certain number of 911 calls in a given period of time–say more than 10 calls in the last two minutes.”
Organizations must ensure their data is properly protected. Ransomware and other cyber threats are very real and happening with rapidly increasing frequency all over the globe. For more information on protecting your network, contact DiamondIT at 877-716-8324.