Industry News

Criminals could launch DDoS attacks on 911 emergency for $100,000

What would happen if attackers compromised the 911 emergency network across the US? A recent study from Negev’s Cyber-Security Research Center shows how easy and cheap it would be for cybercriminals to launch DDoS attacks on this infrastructure.

It only takes $100,000, or as little as 6,000 smartphones, to compromise the emergency service in a US state. 200,000 smartphones could shut down the 911 emergency line in the entire country, a recent study found. Cybersecurity researchers from Ben-Gurion University, Mordechai Guri, Yisroel Mirsky, and Yuval Elovici created a fake cellular network in North Carolina and simulated repeated 911 calls to launch a DDoS attack.

“At the state-level, we found that as little as 6,000 bots (0.0006% of NC’s population) is enough to deny 20% and 50% of wireline and wireless callers from ever reaching 911 services (after 4-5 attempts each per caller). This is even more significant considering that 70% of 911 calls are wireless,” the researchers said. “With 50K bots (0.0054% of North Carolina’s population) nearly 90% of all wireless 911 callers never reach a call taker.”

Unfortunately, the emergency reporting system proved vulnerable in real life during the 9/11 terrorist attack, when thousands of calls made to 911, generating a DDoS attack.

Some measures to minimize attacks include Call Firewalls on cell phones and Priority Queues. Call Firewalls are “trusted low-level software components are used to identify and block DDoS activities” while Priority Queues are a system that gives priority to “callers with more reliable identifiers (e.g., valid IMSI versus some IMEI).”

About the author

Luana PASCU

From a young age, Luana knew she wanted to become a writer. After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats. Luana is a supporter of women in tech and has a passion for entrepreneurship, technology, and startup culture.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.