Emergency call centers are among the facilities going offline because of telephone denial of service attacks (TDoS).
TDoS attacks are increasing in number, and they impact public safety answering point (PSAP) operations. That means 911 call centers may find it impossible to communicate with callers or even first responders.
The Department of Homeland Security’s National Coordinating Center for Communications last year reported that several public safety answering points saw TDoS attacks.
Fire Chief magazine said that many of the TDoS attacks start out with a phone call from a caller with a heavy accent who says he or she works for a collections company. The caller will request getting paid about $5,000. If the request is denied, the TDoS attack follows, in which 911 operators get bombarded with fake phone calls from Session Initiation Protocol (News - Alert) (SIP) software.
“This software will robo-dial hundreds or thousands of simultaneous phone calls mimicking a landline or VoIP line and can be programmed to send calls that will keep the lines open for as long as possible,” the magazine reports. “If a person is reached, the software has the ability to speak inaudibly or play white noise so the responder doesn’t immediately hang up. These attacks hinder the PSAP’s ability to answer legitimate inbound calls — a huge problem because many PSAPs use the same telephone lines for inbound calls that they do for contacting fire and EMS dispatchers during an emergency.”
These attacks can last for weeks. The magazine recommends that a PSAP redirect its calls to another PSAP “that has hardened itself from TDoS attacks. There also are companies that offer TDoS mitigation, although it can be expensive. All attacks should be reported to the FBI immediately at www.ic3.gov along with as much information as possible about the attacker,” the magazine adds.
PSAPs may be able to prevent TDoS attacks. One way is to increase the channels through which callers can report an emergency. NG-911 systems can take text messages. In addition, FirstNet can mitigate TDoS attacks by using TCP/IP, according to David Kahn, CEO of Covia Labs, writing for Fire Chief magazine.
In addition to 911 call centers, hospitals and other organizations which take emergency calls are most at risk to the attack, news reports said.
The Internet Crime Complaint Center has gotten over 100 reports about telephone denial-of-service-type attacks. Among the other U.S. victims are: a nursing home in Wisconsin in November, a public safety agency and a manufacturer in Massachusetts in early 2013, a Louisiana emergency operations center in March, a Massachusetts medical center in April, and a Boston hospital in May, TMCnet said.
Edited by Alisen Downey