What types of attacks could compromise a 911 Emergency call infrastructure?

Add to my custom PDF

Hacking 9-1-1: Infrastructure Vulnerabilities and Attack Vectors

9-1-1 call centers are a critical component of communications infrastructure. They accept emergency calls, dispatch field responders and provide callers with emergency medical instructions before their arrival. Although the original implementation of basic 9-1-1 services relied mostly on telephone technology, enhanced 9-1-1, deployed in the 1980s, introduced significant new elements aimed at identifying the caller’s telephone number and location. As the technological capabilities of 9-1-1 services continue to expand, systems that were once safely managed solely by the telephone company are increasingly connected to less well-regulated networks. The interconnected technologies of 9-1-1 infrastructure are undoubtedly valuable for those needing emergency services, but they could also introduce new risks and potential vulnerabilities.

Goebel et al. describe the technical structure of the 9-1-1 call-taking system in the United States in terms of its current potential for compromising emergency services. The identified vulnerabilities were categorised as risking confidentiality, integrity and availability. This refers to the unauthorized disclosure of private information, the alteration and misdirection of system functionality and the provoked unavailability of emergency services respectively.

Breaches of Confidentiality: Surveillance of the 9-1-1 system could provide attackers with valuable information. Metrics such as call volumes and response times could be used to maximize damage during an attack.

Breaches of Integrity: Attackers can misdirect responder resources using text-based accessibility services provided for the deaf. These services reduce the amount of potentially identifying information provided and are prohibited from keeping records. Attackers can also generate false location or caller information using spoofing applications. These misdirections of resources can delay emergency response and increase collateral damage.

Breaches of Availability: Telephone denial of service attacks fill up the 9-1-1 call center phone lines, preventing the public from reporting emergencies. These attacks have already happened. They were executed by a malicious script released via social media and by automatic dialer devices. Ransomware attacks, where malicious software renders a computer unusable until a ransom is paid to the attacker, could be part of the next generation of attacks targeting availability.

The 9-1-1 infrastructure identifying the location of the caller has also evolved to incorporate wireless cellular providers. For example, the system incorporates cell tower information to better identify caller location. Voice-over-IP providers such as Skype present a special problem for 9-1-1 location services. VoIP services providers need to maintain a database of their subscribers with the appropriate location information, usually based on billing information.

Although all 9-1-1-focused attacks to date have been linked to criminal hackers, they could soon be employed by state-sponsored actors and terrorists. The current “Next Generation 9-1-1” upgrade effort in the US that is set to allow call centers to receive text messages, images and live video streams, could add further cybersecurity vulnerabilities to those already present in the telephone-based systems. Vulnerabilities could be mitigated by frequent software patching, network segmentation and dedicated cybersecurity response plans and teams.

Technological enhancements to the 9-1-1 services infrastructure are progressively introducing new vulnerabilties which need to be quickly mitigated.