CATEGORIES
home News

911 Emergency Lines Can Suffer DDoS Attack With Disturbing Ease, Putting Lives At Risk

by Rob WilliamsTuesday, September 13, 2016, 01:00 PM EDT

Researchers from the Negev Cyber-Security Research Center at Ben-Gurion University recently released a terrifying piece of news. It explains that if a malicious entity decided to craft malware that infected only a few thousand mobile phones, it would be possible to cripple an entire 911 system. That means legitimate calls couldn't make it through, and staffers manning the lines would be inundated with fake calls.

The research published last week reveals that in most states, if as few as 6,000 mobile phones were infected with malware that serves no other purpose but to ring 911 repeatedly, it could cripple the entire operation in that state. If the number of infected phones jumps to 200,000, then the entire nation's 911 system could suffer downtime.

The mere idea of this kind of DDoS attack is beyond scary. Imagine being in a situation where you need to call 911 and are simply unable to get through. Obviously, such an attack would inevitably lead to death and all sorts of other mayhem, all potentially caused by a malicious piece of software.

911

Something else to consider is that most phones can call 911 even without a carrier plan, due to laws that require any phone to be able to contact emergency services if the need arises. That means old, decommissioned phones could even be re-purposed for malicious intent, in this particular scenario.

If that sounds outlandish, maybe it is if we're talking about a single, rouge hacker. But for organized, state-sponsored attackers it would be a different matter altogether. Even if they didn't launch the malware into the wild, with the hopes of infecting unsuspecting users' phones, the price of 6,000 or even 200,000 old phones could be easily justified if it meant bringing down the emergency services of an enemy nation. 

Unfortunately, there's no easy fix to this problem, although there are possible ways to mitigate such an attack. Implementing a feature in future phones that prevents rouge software from dialing 911 in the first place would help, although that won't aide in situations where older devices are used. Similarly, storing IMEIs and other relevant information could be done in trusted memory regions where modification is impossible by malware. Wireless carriers could also use smart algorithms on their network to detect fraudulent calls.

Whatever the solution, this is an area that needs attention -- quickly. The potential for mayhem and loss of life is too great to ignore.

Tags:  security, Privacy, emergency, DDoS
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment