In the News

CISA Releases Guide on TDoS-Based Attacks to Emergency 911

Jun 10, 2020 DHS

The Cybersecurity and Infrastructure Security Agency (CISA) has released a fact sheet on telephony denial of service attacks (TDoS) and how stakeholders can prevent these threats from disrupting public safety operations. CISA said Tuesday that TDoS attacks are meant to overload the networks of emergency communications facilities such as 911 dispatch centers through various attack vectors.

The guide, titled “Cyber Risks to 911: Telephony Denial of Service”, provides details on such vectors including botnets, manipulated landline phones, compromised private messaging and mobile phone-based breaches. The fact sheet additionally covers real-life TDoS scenarios and highlights best practices to help agencies prevent TDoS attacks.

Telephony denial of service attacks (TDoS) present a unique risk to public safety communications stakeholders, including Emergency Communications Centers (ECC), Publics Safety Answering Points (PSAP), and other 911 dispatch centers. TDoS events overload communications network elements with telephone calls—disrupting a jurisdiction’s ability to provide emergency response services. In response, the Cybersecurity and Infrastructure Security Agency (CISA) developed the Cyber Risks to 911: Telephony Denial of Service fact sheet to educate the public safety community on TDoS threats. 

Public safety organizations can leverage this fact sheet to familiarize themselves with TDoS threats and mitigation best practices. Specifically, the fact sheet:

  • Overviews common TDoS attack vectors, including mobile phones, botnets, voice over Internet Protocol services, compromised private branch exchanges, preprogrammed landline phones, and variable security standards,
  • Highlights real-world TDoS incidents and impacts, and
  • Provides best practices to mitigate TDoS vulnerabilities.

CISA developed the fact sheet in coordination with public safety stakeholders and cybersecurity subject matter experts to ensure the best practices support the public safety operations environment.