The latest research released this week by Ben Gurion University in Israel reveals the findings of 911 systems been potentially in danger that could overwhelm a complete state’s 911 system with endless calls, by using a network of hacked smartphone, and shutting out a great portion of legitimate callers, also known as a denial of service attack (DOS attack).
According to this article, researchers replicated North Carolina’s model based on its 911 network, with the knowledge that all emergency response systems are run at the local or state level, and the assessment determined that if hackers compromised 6000 smartphones with malicious software, they could make calls to 911 and block out half of all legitimate callers using cell phones in North Carolina.
Those results were shared to the US Department of Homeland Security says the Washington Post, and remarks of this type of danger have been made in the past of denial of service attacks on emergency response infrastructure.
The solution proposed was to change phone infrastructure completely, and stop using old fashion analog phone switches to route emergency calls, and instead use provide internet-like network called managed IP Networks, however there was no mentioned of how much money this would undertake in this article.
9http://www.cnet.com/news/911-could-face-its-own-emergency-hackers/
Roberto – That’s a very interesting article. I think Cyber Security is a bit underrated due to its potential to cause catastrophic consequences. This is one of the reasons I got into this field to hopefully help raise the awareness of a myriad of threats and risks. North Carolina’s appointed officials should take this seriously and implement a effective solution as soon as possible. May this be a wake up call for all other states.
We posted same thing! Roberto. But the article I looked at missed the North Carolina research part. I think this should be a issue that PCC should take a serious look at because DDoS attack is relatively simple and 911 is so important that related to people’s lives. They should hire experts to implement call firewalls and figure out some solutions to further control the problem. Fortunately, researchers find out it first instead of hackers. They still have time to do something before tragedy happens.
I’m interested to know what a managed IP network is and how it would prevent a DDoS attack. The article mentioned eliminating the calling protocol that’s in use as if that would solve the problem. I know websites are vulnerable to DDoS attacks so what about managed IP network makes it so safe?
I did a little research into the matter and found that managed IP networks are communication networks that are planned, built, and managed by a third party. Perhaps these would be more resistant to DDoS attacks, but I believe with enough bots attacking the system, the service would still be denied for at least some users. I think distributed denial of service attacks are so dangerous because you can’t simply block one device to rectify the problem. Each device is acting normal despite the fact that its being controlled by a third party, so it is difficult, if not impossible to determine which devices are bots and to block them effectively.