Criminals could launch DDoS attacks on 911 emergency for $100,000

What would happen if attackers compromised the 911 emergency network across the US? A recent study from Negev”s Cyber-Security Research Center shows how easy and cheap it would be for cybercriminals to launch DDoS attacks on this infrastructure.

It only takes $100,000, or as little as 6,000 smartphones, to compromise the emergency service in a US state. 200,000 smartphones could shut down the 911 emergency line in the entire country, a recent study found. Cybersecurity researchers from Ben-Gurion University, Mordechai Guri, Yisroel Mirsky, and Yuval Elovici created a fake cellular network in North Carolina and simulated repeated 911 calls to launch a DDoS attack.

“At the state-level, we found that as little as 6,000 bots (0.0006% of NC”s population) is enough to deny 20% and 50% of wireline and wireless callers from ever reaching 911 services (after 4-5 attempts each per caller). This is even more significant considering that 70% of 911 calls are wireless,” the researchers said. “With 50K bots (0.0054% of North Carolina”s population) nearly 90% of all wireless 911 callers never reach a call taker.”

Unfortunately, the emergency reporting system proved vulnerable in real life during the 9/11 terrorist attack, when thousands of calls made to 911, generating a DDoS attack.

Some measures to minimize attacks include Call Firewalls on cell phones and Priority Queues. Call Firewalls are “trusted low-level software components are used to identify and block DDoS activities” while Priority Queues are a system that gives priority to “callers with more reliable identifiers (e.g., valid IMSI versus some IMEI).”