Some recent articles on Telephony Denial of Service (TDoS) and how it affects 911
Oct 10, 2016
Check out the following articles on Telephony Denial of Service (TDoS) and how it could affect 911 systems. The threat described involves how a botnet of affected smart phones, could be used to flood a 911 center in the same local area as the compromised smart phones. This is definitely possible. While most 911 centers have some extra capacity, very few if any have the ability to operate effectively if flooded with 1000’s of concurrent calls. This is especially true if this occurs during an emergency, when the 911 center is already inundated with legitimate calls.
There are other ways to generate TDoS, such as use of free PBX software such as Asterisk, SIP trunks/a compromised service provider. However, one of the challenges is using these services to make “local” 911 calls. For example, if you used a SIP trunk and made 911 calls, where would they go? It is tricky to target a particular 911 center. This is why using compromised smart phones is a particularly nasty technique, because assuming you could compromise a few thousand smart phones in a large metropolitan area, you could easily use this to overwhelm the local 911 center.
Finally, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) Cyber Security Division (CSD) is very aware of this issue and we have been performing research with them to address this issue. I summarized this work in earlier posts and provide more details in the future. You can get a summary of this research program by watching a video recording from a DHS conference earlier this year.